The current implementation -- based on the beta version of Microsoft’s Indigo, a Windows implementation of a stack of advanced
Web service protocols -- uses WS-ReliableMessaging to ensure orderly and reliable delivery of messages. And it uses WS-SecureConversation
to optimize that secure, reliable channel for high-volume traffic.
Khan explains that WS-Security alone, in concert with WS-Policy, could not sustain near-real-time traffic. The protocol, which
required frequent exchanges of credentials with the identity management system, was too chatty. WS-SecureConversation, which
enables caching of credentials, streamlines the protocol. That, coupled with a feature of Indigo’s implementation of WS-ReliableMessaging
that enables a router to broker a connection between two endpoints and then get out of the way, resulted in a massive scale-up.
“Before, with WSE, each router limited us to 300 clients,” Khan says. Indigo can support 638 clients per router, he adds,
and with optimization, that many clients for each service running behind the router. “So if you keep on adding services, it
scales linearly,” he says. The system currently supports more than 1,000 clients, all observing vital signs simultaneously
every 30 seconds.
Reflecting on the transition from WSE to Indigo, Khan echoes Scott Hanselman’s point about shielding developers from XML.
WSE handled the basic scenarios, he says, but beyond those, “we had to go into the schema and do all the angle brackets.”
Thanks to Indigo’s higher level of abstraction, that problem vanished.
More broadly, Indigo made a harder problem -- the appropriate use of Web services in concert with platform-native services
and transports -- tractable. “Behind each Web service there’s an MSMQ [Microsoft Message Queue] and an enterprise service,”
Khan says. “In the Microsoft domain, enterprise services are completely different from Web services, MSMQ lives in its own
world, and XML has its own toolset.” Different team members had to be experts in different disciplines; no one person could
master them all. From Khan’s perspective, Indigo gives “Mort” the leverage he needs.
Providence: Enforcing Contracts
Providence Health Systems deploys what’s becoming a typical two-tiered SOA to support its clinical and business applications
and its physician and patient portals. A set of coarse-grained services, which map closely to business processes, are woven
from another set of more elemental services. Although some advanced standards are in use, such as WS-Security, Providence
doesn’t deal with them directly. “We rely on our vendor’s implementation of the security stuff,” says Mike Reagin, vice president
of development at Providence. The vendor in this case is Infravio, whose Web services management system provides the framework
within which Providence deploys and manages its services.
Infravio implements UDDI, but Reagin says that, with relatively few services in play, directory lookup isn’t a big deal. Declaring
and enforcing policies that control the use of those services, however, is a very big deal, as is monitoring service activity.
In Infravio’s model, services are provisioned as producer/consumer pairs, each of which is governed by a contract. The master
patient index, for example, is a common service used by both the physician and patient portals but in slightly different ways.
The patient’s health-plan member number, which appears in the patient portal, must be stripped from the physician portal.
By creating separate WSDL interfaces for separate consumers, Infravio enables the common service to be reused rather than
duplicated. This variation is achieved in a declarative way, rather than by writing code.
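
The per-consumer contract idea described above, as an added Python example (not Infravio's or Providence's code; the contract table, function names and record fields are hypothetical). Each producer/consumer pair gets an allow-list of fields, so the physician portal's view omits the health-plan member number while the shared service stays unchanged.

```python
# Added illustration: declarative per-consumer contracts over one shared service.
# All names (CONTRACTS, apply_contract, the field names) are hypothetical.

# Constructed sample record returned by the shared master patient index service.
MPI_RECORD = {
    "patient_id": "P-0001",
    "name": "Jane Example",
    "date_of_birth": "1970-01-01",
    "health_plan_member_number": "HPM-123456",
}

# One contract per (producer, consumer) pair: an allow-list of response fields.
CONTRACTS = {
    ("master_patient_index", "patient_portal"): {
        "patient_id", "name", "date_of_birth", "health_plan_member_number",
    },
    ("master_patient_index", "physician_portal"): {
        "patient_id", "name", "date_of_birth",
    },
}

class ContractError(Exception):
    """Raised when no contract governs the producer/consumer pair."""

def apply_contract(producer, consumer, record):
    """Return only the fields the contract for this pair allows (deny by default)."""
    try:
        allowed = CONTRACTS[(producer, consumer)]
    except KeyError:
        raise ContractError(f"no contract for {consumer!r} -> {producer!r}") from None
    return {k: v for k, v in record.items() if k in allowed}

def audit_exposure(field):
    """List the consumers whose contract exposes a given field, for policy review."""
    return sorted(c for (_, c), allowed in CONTRACTS.items() if field in allowed)

if __name__ == "__main__":
    print(apply_contract("master_patient_index", "physician_portal", MPI_RECORD))
    print(audit_exposure("health_plan_member_number"))
```

Because the contracts are allow-lists, a field later added to the shared service is withheld from every consumer until a contract names it, and a consumer with no contract gets nothing.
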
Providence’s SOA deployment is, for now, largely internal. Services feed its outward-facing portals but are not yet directly
exposed to partners. That day will come, Reagin feels sure, and when it does, he expects that his use of the core standards,
SOAP and WSDL, will enable more advanced scenarios: orchestration, reliable messaging, policy-governed security, and auditing.
Which pieces of the WS-* stack will enable those scenarios? Reagin doesn’t lose sleep over the question. When the time comes,
he’ll buy -- rather than build -- the needed infrastructure.
Pfizer: Trusting the Fabric
Security and reliable messaging are key requirements for the Pfizer Global Pharmaceuticals (PGP) group. The pharma giant’s
SOA deployment meets those requirements with the help of Blue Titan’s Network Director, which manages PGP’s Web services traffic
across the enterprise.
On the security front, Blue Titan’s “fabric” enforces a policy that routes requests through a DataPower intermediary for compliance
auditing and through an Oblix system for authentication. Martin Brodbeck, PGP’s application architecture director, sees WS-Security
as the integration framework for these activities. Although he doesn’t deal directly with related standards, such as WS-Policy
or WS-Trust, Blue Titan does in fact support them.