WO2004084522A1 - Client web service access - Google Patents

Client web service access Download PDF

Info

Publication number
WO2004084522A1
WO2004084522A1 PCT/GB2003/005320 GB0305320W WO2004084522A1 WO 2004084522 A1 WO2004084522 A1 WO 2004084522A1 GB 0305320 W GB0305320 W GB 0305320W WO 2004084522 A1 WO2004084522 A1 WO 2004084522A1
Authority
WO
WIPO (PCT)
Prior art keywords
request
web
web service
client
service implementation
Prior art date
Application number
PCT/GB2003/005320
Other languages
French (fr)
Inventor
Paul Zachary Fremantle
Elizabeth Anne Hutchison
Original Assignee
International Business Machines Corporation
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by International Business Machines Corporation filed Critical International Business Machines Corporation
Priority to AU2003285597A priority Critical patent/AU2003285597A1/en
Priority to US10/549,051 priority patent/US20070005777A1/en
Priority to EP03778596A priority patent/EP1604506B1/en
Priority to DE60311684T priority patent/DE60311684T2/en
Publication of WO2004084522A1 publication Critical patent/WO2004084522A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F17/00Digital computing or data processing equipment or methods, specially adapted for specific functions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1001Protocols in which an application is distributed across nodes in the network for accessing one among a plurality of replicated servers
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1001Protocols in which an application is distributed across nodes in the network for accessing one among a plurality of replicated servers
    • H04L67/1004Server selection for load balancing
    • H04L67/1008Server selection for load balancing based on parameters of servers, e.g. available memory or workload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1001Protocols in which an application is distributed across nodes in the network for accessing one among a plurality of replicated servers
    • H04L67/1004Server selection for load balancing
    • H04L67/1023Server selection for load balancing based on a hash applied to IP addresses or costs
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/56Provisioning of proxy services
    • H04L67/561Adding application-functional data or data for application control, e.g. adding metadata
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/56Provisioning of proxy services
    • H04L67/564Enhancement of application control based on intercepted application data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/16Implementation or adaptation of Internet protocol [IP], of transmission control protocol [TCP] or of user datagram protocol [UDP]
    • H04L69/161Implementation details of TCP/IP or UDP/IP stack architecture; Specification of modified or new header fields
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/30Definitions, standards or architectural aspects of layered protocol stacks
    • H04L69/32Architecture of open systems interconnection [OSI] 7-layer type protocol stacks, e.g. the interfaces between the data link level and the physical level
    • H04L69/322Intralayer communication protocols among peer entities or protocol data unit [PDU] definitions
    • H04L69/329Intralayer communication protocols among peer entities or protocol data unit [PDU] definitions in the application layer [OSI layer 7]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/30Managing network names, e.g. use of aliases or nicknames
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/56Provisioning of proxy services
    • H04L67/563Data redirection of data network streams

Definitions

  • the present invention relates to client access to web services and more particularly to the handling of requests from a web client to access a web service.
  • a service bus provides a flexible managed infrastructure for web services.
  • clients and web service providers operating in the services bus use a smart client "on-ramp" to attach to the service bus and this enables context and other environmental information to be added to the client/web service interactions so that, for example, security, transaction and other processing can be handled correctly according to the requirements of the web service and its clients.
  • it allows service selection and discovery to take place in a managed way, such that when a client wishes to access a web service it can use a web service which is found based on the functionality required by the client.
  • a client may request a web service that sells IBM computer equipment offering delivery in the UK and accepts pa;y ⁇ nent by American Express.
  • clients or web services in the se-rvice bus environment may be unaware of the bus infrastructure, for example the clients could be .NET, C, or Python/Pexl/JavaScript SOAP clients whiclx are hard-coded to use a particular URL and format to access a web service. Further such clients are not written using an application programming interface (API) specified for accessing the service bus infrastructure, for example Web Services Invocation Framework (WSIF) or the Java JSR109 programming model (available from the Java Community Process web site) (Java is a trade mark of Sun Microsystems Inc.) .
  • API application programming interface
  • WSIF Web Services Invocation Framework
  • Java JSR109 programming model available from the Java Community Process web site
  • a gateway is published as the provider of the web service and can, on receipt of a client request, route the request to an appropriate web service provider which is discovered and selected in a managed way that would also be used for a service bus aware client.
  • this requires the client to be updateable to change the URL specified in its request to the URL of the hub intermediary and in some scenarios the client may not be updateable in this manner.
  • the intermedia-ry may not be able to perform actions that only the client could perform - such as adding client specific information to the request.
  • the present invention provides a client data processing method for a client data processing host to transform a request from a web client, the method comp-trising: intercepting the request; changing a first web service implementation specified in the request to a second web service implementation; and forwarding the request to the second web service implementation thereby enabling the second web service implementation to process the request, wherein the second web service implementation is selected based on policy data associated with the web client.
  • the present invention provides a client data processing apparatus for transforming a request from a web client, the apparatus comprising: means for intercepting the request; means for changing a first web service implementation specified in the request to a second web service implementation; and means for forwarding the request to the second web service implementation thereby enabling the second web service implementation to process the request, wherein the second web service implementation is selected based on policy data associated with the web client.
  • the present invention prrovides a computer program product comprising instructions which, wr ⁇ en executed on a data processing host, cause the data processing host to carry out a method according to the first aspect.
  • the present invention thus enables a client request for a particular web service to be intercepted in the client host and transformed to a request for a different web service which has been selected in a managed way.
  • the policy data may specify specific quality of service requirements for the web client and as a result a web service is accessec-1 which more appropriately matches the web client quality of service requirements .
  • the request from the web client can be specified in an application layer protocol, for example, Simple Object Access Protocol over Hypertext Transfer Protocol (SOAP/HTTP) ; Internet Inter-Orb Protocol (HOP) ; or SO£_.P over Java Message Service (JMS) .
  • SOAP/HTTP Simple Object Access Protocol over Hypertext Transfer Protocol
  • HOP Internet Inter-Orb Protocol
  • JMS Java Message Service
  • the request may be further modified to a different application layer protocol to that in which the web client request was specified. For example, it can be changed from a SOAP/HTTP request to an HOP request.
  • the SOCKS support can be configured with a SOCKS proxy local to the client and the step of intercepting the request can result from the SOCKS proxy being called when the protocol stack is processing the request.
  • the protocol stack of the cliert-t data processing host includes HTTP support it may support configuration with an HTTP proxy, in which case intercepting the request can result from a local HTTP proxy being called .
  • the protocol stack is modified to intercept the request during processing and call a routine which is used to enable the step of changing the request.
  • a second web service implementation Preferably in order to choose a second web service implementation one or more alternative web service implementations to handle the request are discovered and then the second web service implementation is chosen from those discovered based on the policy data, for example, published using the Web Services Policy framework (WS-Policy) .
  • WS-Policy Web Services Policy framework
  • the one or more alternative web service implementations are discovered by obtaining Web Services Definition Language (WSDL) document for the first web service implementation and using information from this WSDL document to obtain a WSDL document for each of the one or more alternative web service implementations to handle the request.
  • WSDL Web Services Definition Language
  • a security policy is applied to the request.
  • at least apart of the request may be encrypted and/or a client key may be added to the request and/or a transport mechanism for sending the request is chosen based on its security properties, as indicated using Web Services Security Protocol (WS-Security) or other information.
  • the client key could be, for example, an identifier such as a client identifier or a user identifier. Further the client key could, for example, include a password.
  • client specific information could also be added to the request.
  • client key a machine identifier of the client data processing host, and/or an IP address of the client data processing host.
  • Such information could, for example, be used by the web service implementation for audit or security purposes.
  • the policy data may, for example, specify one or more of: response time requirements; security level requirements; transaction requirements; cost requirements; availability requirements; application layer protocol requirements; additional information requirements; and web service implementation requirements .
  • FIG. 1 is a block diagram of data processing environment in which the preferred embodiment of the present invention is advantageously applied;
  • Figure 2 is a schematic diagram showing an example of a web client sending a request from a client process to a web service according to the prior art
  • Figure 3 is a schematic diagram of a web client sending a request from a client process to a web service according to the preferred embodiment of the present invention
  • Figure 4 is a schematic diagram of the on-ramp of figure 3 , processing a request which originated from a web client;
  • Figure 5 is a flow chart of the main processing steps of a client data processing host of figure 3;
  • Figure 6 is a flow chart of the main processing steps of the on ramp of figure 3.
  • Figure 1 is a schematic diagram of a data processing environment in which the preferred embodiment of the present invention can be advantageously applied.
  • a client/server data processing host
  • Client/server 10 is connected to other client/server data processing hosts 12 and 13 via a network 11, which could be, for example, the Internet.
  • a web client running on host 10 can make a re ⁇ xuest to a web service available in host 12, but software running in the client transforms the request into a request to a web service available in host 13, the web service in host 13 being selected based on a policy data associated with the web client.
  • Client/server 10 has a processor 101 for executing programs that control the operation of the client/server 10, a RAM volatile memory element 102, a non-volatile memory 103, and a network connector 104 for use in interfacing with the network
  • FIG. 2 is a schematic diagram showing an example of a web client 201 sending a request 208 to a web service implementation 211 according to the prior art.
  • the web client and web service run in data processing hosts 200 and 210 respectively, each using a TCP/IP protocol stack.
  • the web client makes a request for a bank service operation that is directed to a bank service at URL http://www.banka.com/ (209) .
  • the web client 201 passes (205) the request to the application layer 202 of the protocol stack.
  • the application layer provides high level protocols through which a web client/service can access, for example, the TCP/IP protocol stack and in this example provides Simple Object Access Protocol (SOAP) over Hypertext Transfer Protocol (HTTP). Alternatively, for example, the application layer could provide Internet Inter-Orb Protocol (HOP).
  • SOAP Simple Object Access Protocol
  • HTTP Hypertext Transfer Protocol
  • HTTP Hypertext Transfer Protocol
  • HOP Internet Inter-Orb Protocol
  • the application layer 202 modifies the request and then passes (206) it to the transport and network layer 203.
  • the transport and network layer provides data transfer over a network and in this example this layer provides support for Transmission Control Protocol (TCP) over Internet Protocol (IP) .
  • TCP Transmission Control Protocol
  • IP Internet Protocol
  • the transport and network layer could provide User Datagram Protocol (UDP) .
  • UDP User Datagram Protocol
  • the network and transport layer 203 modifies the request and passes (207) it to the network interface layer 204 which interfaces with the client hardware and transmits the request 208 over the network 11.
  • the request arrives at the host 210 of the web service implementation it is received by the network interface layer 214 which passes (215) the request to the transport and network layer 213 which provides support for TCP/IP.
  • the transport and network layer undoes the changes made to the message in the client network and transport layer and then passes (216) it to the application layer 212, which provides support for SOAP/HTTP.
  • the application layer then undoes the changes made to the request in the client application layer and passes (217) it to the target web service implementation 211.
  • the web service protocol stack must provide support for the same protocols used in the client stack (i.e: SOAP/HTTP and TCP/IP) in order to successfully process the web client request.
  • FIG 3 is a schematic diagram of the client data processing host 200 of Figure 2 which has been modified according to the preferred embodiment of the present invention.
  • the TCP/IP layer further includes SOCKS support 305.
  • SOCKS is configured to re-route a web client request to a SOCKS proxy (or server) , the SOCKS proxy then performs some level of security checking before allowing the . web client request to proceed to the destination specified in the request.
  • SOCKS support 305 is configured to re-route a web client request to an adapted SOCKS proxy 306 which is local to the client.
  • SOCKS support 305 is called and this redirects (322) the request to the local adapted SOCKS proxy 306 which then passes (323) the request to a URL filter 307.
  • the URL. filter checks the URL specified as the target of the web client request with a configuration file which contains details which are used to decide if the URL specified as the target of the web client request is suitable for modification.
  • the configuration file may contain a list of specific URL's for which an exact match is required or a list of URL's containing wildcards for which a similarity match is required.
  • the web client request is returned (not shown) to the TCP/IP transport and network layer 203 for normal processing.
  • the request is passed (324) to a SOAP/HTTP parser 308 which can extract information, such as any data which accompanied the URL in the web client request. Having extracted the required information, the request is passed (325) to the on ramp 309 which then modifies the request to be suitable for passing to a service bus which provides access to a variety of web service implementations using a variety of protocols.
  • the service bus available to the client provides access to web service implementations using one of two protocol combinations, HOP 310 and SOAP/HTTP 311 and the on ramp modifies the web client request to be forr an alternative web service implementation which is available via the service bus and using an HOP request.
  • the on ramp 309 passes (326) the request for the alternative web service implementation to the HOP application layer 310 which then passes
  • Figure 4 is a more detailed schematic diagram of the on-ramp 309 of figure 3 and the components which interface with it, namely the SOAP/HTTP parser 308 and SOAP/HTTP 310 and HOP 311 application layers of the service bus.
  • the web client request is passed from the SOAP/HTTP parser to a matc iing engine 401 of the on ramp 309.
  • the matching engine looks up policies specified for the web client in a policy file 402.
  • the policy file may, for example, contain ⁇ tails for the client of response time requirements, security level recquirements, transaction requirements, cost requirements, availability requirements, application layer protocol requirements, additional information requirements, and/or web service implementation requirements.
  • the matching engine uses the policy information and request information as extracted from by the SOAP/HTTP parser from the web client request to modify the request using discovery 403, selection 404, and security 405 mechanisms.
  • the discovery mechanism 403 is used to discover alternative web service implementations available on the service bus and that are able to process the web client request, for example based on the URL specified in the request.
  • the selection mechanism 404 is then used to select a specific web service implementation from those discovered. The one chosen will closely match the requirements specified in the policy file.
  • the selection mechanism may further select a suitable protocol from those available from the service bus and which can be used to access the web service implementation.
  • a security mechanism 405 may also be used for selection purposes, for example to select a suitable protocol which matches the security requirements of t-he client or web service.
  • the client or web service implementation may require communication through a more secure protocol such as " WS-Security over SOAP, secure HTTP (HTTPS) , or secure HOP (HOPS) .
  • the security mechanism may, for example, encrypt the message using SOAP encryption and/or add information to the request such as a client key based on the security requirements of the web client or web service implementation.
  • the matching engine 401 selects an appropriate web service to handle the web client request and provides that to a suitable transport protocol, for example SOAP/HTTP or HOP, 311 and 310 respectively.
  • the policy file may contain one or more of: a response time requirement which requires uses of a faster transport protocol or a web service which gives a guaranteed response time; a security level requirement which requires encryption of the request or use of a secure protocol such as HTTPS; a cost requirement which specifies a maximum price range for goods provided by the web ser-vice or use of a communication protocol which provides a low cost connection; an availability requirement which requires use of a web service which provides 24x7 availability or use of a protocol with guaranteed request delivery such as transactional JMS; an application layer protocol requirement which specifies one or more application layer protocols which either must be used or must not be used for sending the request; an additional information requirement which requires an IP address and/or machine identifier of the client data processing host to be added to the request; and web service implementation requirement which requires for example, a web service implementation provided IBM approved dealer or a dealer base in the USA which accepts payment by A eri can Express .
  • Transformation of t ie request includes changing the web service to which the request is sen , and optionally changing such things as the application layer protocol used to send the request, the security protocol used for the request, or adding information to the request.
  • the web client uses a SOAP/HTTP application layer 202.
  • thi could be, for example, HOP, IXOPS, HTTP, HTTPS, SOAP over JMS, Remote Method Invocation (RMI) over HOP, XML over Java Message Service (JMS) , SOAP over Simple Mail Transfer Protocol (SMTP), or Enterprise JavaBeans (EJB) (JavaBeans is a registered trademark of Sun Microsystems Inc.) .
  • RMI Remote Method Invocation
  • JMS Java Message Service
  • SMTP Simple Mail Transfer Protocol
  • EJB Enterprise JavaBeans
  • the web client request is intercepted in the transport and network layer 203 by SOCKS support 305.
  • the HTTP layer can be- configured to call a local HTTP proxy, th-us replacing the SOCKS server 306 with a HTTP proxy and changing interception of the web client request to be in the SOAP/HTTP application layer (202) .
  • the on ramp 309 is able to use a service bus which provides application layer protocols of either HOP 310 or SOAP/HTTP 311 for the sending of requests .
  • these application layer protocols may be omitted and/or replaced and/or added to.
  • other additional/alternative layers provided by the service bus could be HOP, HOPS, HTTP, HTTPS, SOAP over JMTS, RMI over HOP, XML over JMS, SOAP over SMTP, or EJB.
  • transport and network layer protocols available to these application layer protocols can be changed and/or added to, for example UDP/IP can be available in addition to TCP/IP.
  • the discovery mechanism 403 when the discovery mechanism 403 discovers one or more alternative web service implementations to which t-tie client request can be targeted- it may do this based on Web Service Definition Language (WSDL) documents.
  • WSDL Web Service Definition Language
  • the client used a WSDL document to obtain a def inition of the target service implementation to which it made a request.
  • the discovery mechanism can first obtain the target service WSDL document and then, based on information in this WSDL, obtain WSDL documents for suitable alternative web service implementations, for example from a Universal Description, Discovery and Integration (UDDI) registry.
  • UDDI Universal Description, Discovery and Integration
  • a WSDL document contains details of the target service such as Port Type, Bindings, Ports, Messages, Types etc.
  • the Port Type defines the operation and operation para-meters provided by the target service
  • the Bindings specify the transport mechanisms
  • the Port specifies the end point addresses for channels providing access to the target service using the transport mechanisms.
  • DAML DARPA Agent Markup Language
  • the matching engine uses discovery, selection and security mechanisms to transform the request.
  • one or more of these mechanisms may be omitted and/or replaced and/or added to and/or encapsulated into the matching engine.
  • an additional or alternative mechanism could provide transactionality by surrounding one or more requests from the web client in a unit of work.
  • the client policy data may be, for example, encapsulated in the mechanisms or a random policy may be applied.
  • the web client request may be passed directly to the matching engine wi hout first being parsed and alternatively the matching engine could make calls to tine parser as required.
  • FIG 5 is a flow diagram o f the main steps in tine preferred embodiment of the present invention.
  • the web client request is intercepted.
  • the URL specified as the target of the web client request is obtained and at step 503 a check is made to see if the URL is listed in a configuration file as a URL that is suitable, for transformation by the on ramp (309 of figure 3) . If the URL is not suitable for transformation the wel- client request is sent to the target URL at step 504.
  • the web client request is parsed to obtain additional information such as any parameters sent with the request, for example, details of a particular aspect of the web service to which the request is targeted, or details of a WSDL document which describes the web service to which the request is targeted.
  • the web client request is modified based on client policy data. For e ⁇ xample, the request is redirected to a web service which provides the same service as that of the original request but which is approved for use by the client based company policy data. Once the request has been modified it is then sent, at step 504, to the web service to which it has been redirected.
  • Figure 6 is a more detailed flow diagram of the processing carried out at step 506 of figure 5.
  • policy data for the client is obtained from a configuration file and at step 602 a discovery mechanism is used to find suitable alternative web service implementations to handle the web client request. Alternatives for example can be found based on the URL and any additional data specified in the web client request. Further policy data may be used by the discovery mechanism.
  • a selection mechanism is used to select a web service implementation, from the discovered list of suitable alternatives, to handle the request. For example, a web service could be selected based on client policy data which specifies that the web service must be UK based and pro-vide for payment by American Express .
  • the selection mechanism may further s elect an application layer protocol for sending the request based on those available from the service bus and through which the selected web service implementation can be contacted.
  • a security mechanism is used to apply an appropriate security policy to the request, for example the selected web service may require all communications to be encrypted and/or a secure application layer protocol to be used.
  • client specific information is added to the request, for example an identifier which can be used to identify the client data processing host such as an IP address or machine or an identifier which can be used to identify the web client or web client user.
  • the transformed request is provided to a suitable application layer protocol, for example HOP or SOAP/HTTP.
  • the request protocol may be chosen to match that of the selected web service or chosen from several supported by the sel ected web service based on a client policy which specifies for example a required response time.
  • present invention provides a method, apparatus and computer program product in which a web client request for a weh> service is intercepted and the target of the request updated according to policy data associated with the client. Further the application layer protocol in which the web client request is specified may be changed and/or information added to the request. As a result a web client which makes a request for which the target web service is hard-coded may be adapted to take advantage of managed access to web services resulting in access to web services which, for example, provide quality of service characteristics which more appropriately match the requirements of the web client.

Abstract

The present invention provides a method, apparatus and computer program product in which a web client request for a web service is intercepted and the target of the request updated according to policy data associated with the client. Further the application layer protocol in which the web client request is specified may be changed. As a result a web client which makes a request for which the target web service is hard-coded may be adapted to take advantage of managed access to web services resulting in access to web services which, for example, provide quality of service characteristics which more appropriately match the requirements of the web client.

Description

CLIENT WEB SERVICE ACCESS
Field of the Invention
The present invention relates to client access to web services and more particularly to the handling of requests from a web client to access a web service.
Background to the Invention
Over recent years web services have become commonplace, for example, for a business to provide a web service which enables a web client to purchase goods from the business over the internet. Following on from this success use of the internet has increased and the requirements of web clients and web businesses have become ever more complex. From this has resulted the arrival of middleware offerings which enable clients to access, and businesses to implement, web services in new and better ways.
For example a service bus provides a flexible managed infrastructure for web services. In general, clients and web service providers operating in the services bus use a smart client "on-ramp" to attach to the service bus and this enables context and other environmental information to be added to the client/web service interactions so that, for example, security, transaction and other processing can be handled correctly according to the requirements of the web service and its clients. Further, it allows service selection and discovery to take place in a managed way, such that when a client wishes to access a web service it can use a web service which is found based on the functionality required by the client. For example a client may request a web service that sells IBM computer equipment offering delivery in the UK and accepts pa;yτnent by American Express. Such a smart client "on-ramp" and service bias architecture is disclosed in US application No: 10/322053 "Apparatus and method for selecting a web service in response to a request from a client device", Inventors: Flurry ancL Holdsworth.
However some clients or web services in the se-rvice bus environment may be unaware of the bus infrastructure, for example the clients could be .NET, C, or Python/Pexl/JavaScript SOAP clients whiclx are hard-coded to use a particular URL and format to access a web service. Further such clients are not written using an application programming interface (API) specified for accessing the service bus infrastructure, for example Web Services Invocation Framework (WSIF) or the Java JSR109 programming model (available from the Java Community Process web site) (Java is a trade mark of Sun Microsystems Inc.) . Typically, for a service bus to process requests from such clients the client request is forwarded to a hub intermediary or gateway for processing by the service bus . For example a gateway is published as the provider of the web service and can, on receipt of a client request, route the request to an appropriate web service provider which is discovered and selected in a managed way that would also be used for a service bus aware client. However, this requires the client to be updateable to change the URL specified in its request to the URL of the hub intermediary and in some scenarios the client may not be updateable in this manner. Furthermore, the intermedia-ry may not be able to perform actions that only the client could perform - such as adding client specific information to the request.
Summary of the invention
Accordingly, according to a first aspect, the present invention provides a client data processing method for a client data processing host to transform a request from a web client, the method comp-trising: intercepting the request; changing a first web service implementation specified in the request to a second web service implementation; and forwarding the request to the second web service implementation thereby enabling the second web service implementation to process the request, wherein the second web service implementation is selected based on policy data associated with the web client.
According to a second aspect the present invention provides a client data processing apparatus for transforming a request from a web client, the apparatus comprising: means for intercepting the request; means for changing a first web service implementation specified in the request to a second web service implementation; and means for forwarding the request to the second web service implementation thereby enabling the second web service implementation to process the request, wherein the second web service implementation is selected based on policy data associated with the web client.
According to a third aspect the present invention prrovides a computer program product comprising instructions which, wrαen executed on a data processing host, cause the data processing host to carry out a method according to the first aspect. The present invention thus enables a client request for a particular web service to be intercepted in the client host and transformed to a request for a different web service which has been selected in a managed way. For example the policy data may specify specific quality of service requirements for the web client and as a result a web service is accessec-1 which more appropriately matches the web client quality of service requirements .
The request from the web client can be specified in an application layer protocol, for example, Simple Object Access Protocol over Hypertext Transfer Protocol (SOAP/HTTP) ; Internet Inter-Orb Protocol (HOP) ; or SO£_.P over Java Message Service (JMS) . Optionally the request may be further modified to a different application layer protocol to that in which the web client request was specified. For example, it can be changed from a SOAP/HTTP request to an HOP request.
There are several alternatives as to how the request is intercepted. Optionally if the protocol stack of the client data processing host includes SOCKS support, the SOCKS support can be configured with a SOCKS proxy local to the client and the step of intercepting the request can result from the SOCKS proxy being called when the protocol stack is processing the request. Alternatively, if the protocol stack of the cliert-t data processing host includes HTTP support it may support configuration with an HTTP proxy, in which case intercepting the request can result from a local HTTP proxy being called . Alternatively the protocol stack is modified to intercept the request during processing and call a routine which is used to enable the step of changing the request.
Preferably in order to choose a second web service implementation one or more alternative web service implementations to handle the request are discovered and then the second web service implementation is chosen from those discovered based on the policy data, for example, published using the Web Services Policy framework (WS-Policy) .
Optionally the one or more alternative web service implementations are discovered by obtaining Web Services Definition Language (WSDL) document for the first web service implementation and using information from this WSDL document to obtain a WSDL document for each of the one or more alternative web service implementations to handle the request.
Optionally a security policy is applied to the request. For example at least apart of the request may be encrypted and/or a client key may be added to the request and/or a transport mechanism for sending the request is chosen based on its security properties, as indicated using Web Services Security Protocol (WS-Security) or other information. The client key could be, for example, an identifier such as a client identifier or a user identifier. Further the client key could, for example, include a password.
Optionally client specific information could also be added to the request. For example a client key, a machine identifier of the client data processing host, and/or an IP address of the client data processing host. Such information could, for example, be used by the web service implementation for audit or security purposes.
The policy data may, for example, specify one or more of: response time requirements; security level requirements; transaction requirements; cost requirements; availability requirements; application layer protocol requirements; additional information requirements; and web service implementation requirements .
Brief Description of the Drawings
The invention will now be described, by way of example only, with reference to a preferred embodiment thereof, as illustrated in the accompanying drawings, in which:
Figure 1 is a block diagram of data processing environment in which the preferred embodiment of the present invention is advantageously applied;
Figure 2 is a schematic diagram showing an example of a web client sending a request from a client process to a web service according to the prior art;
Figure 3 is a schematic diagram of a web client sending a request from a client process to a web service according to the preferred embodiment of the present invention;
Figure 4 is a schematic diagram of the on-ramp of figure 3 , processing a request which originated from a web client; Figure 5 is a flow chart of the main processing steps of a client data processing host of figure 3; and
Figure 6 is a flow chart of the main processing steps of the on ramp of figure 3.
Note that in the figures like numbers are used for like parts.
Description of the Preferred Embodiment
Figure 1 is a schematic diagram of a data processing environment in which the preferred embodiment of the present invention can be advantageously applied. In figure 1, a client/server data processing host
10 is connected to other client/server data processing hosts 12 and 13 via a network 11, which could be, for example, the Internet. For example, according to the present invention, a web client running on host 10 can make a reςxuest to a web service available in host 12, but software running in the client transforms the request into a request to a web service available in host 13, the web service in host 13 being selected based on a policy data associated with the web client. Client/server 10 has a processor 101 for executing programs that control the operation of the client/server 10, a RAM volatile memory element 102, a non-volatile memory 103, and a network connector 104 for use in interfacing with the network
11 for communication with the other client/servers 12 and 13.
Figure 2 is a schematic diagram showing an example of a web client 201 sending a request 208 to a web service implementation 211 according to the prior art. The web client and web service run in data processing hosts 200 and 210 respectively, each using a TCP/IP protocol stack.
In Figure 2 the web client makes a request for a bank service operation that is directed to a bank service at URL http://www.banka.com/ (209) . The web client 201 passes (205) the request to the application layer 202 of the protocol stack. The application layer provides high level protocols through which a web client/service can access, for example, the TCP/IP protocol stack and in this example provides Simple Object Access Protocol (SOAP) over Hypertext Transfer Protocol (HTTP). Alternatively, for example, the application layer could provide Internet Inter-Orb Protocol (HOP). The application layer 202 modifies the request and then passes (206) it to the transport and network layer 203. The transport and network layer provides data transfer over a network and in this example this layer provides support for Transmission Control Protocol (TCP) over Internet Protocol (IP) . Alternatively, for example, the transport and network layer could provide User Datagram Protocol (UDP) . The network and transport layer 203 then modifies the request and passes (207) it to the network interface layer 204 which interfaces with the client hardware and transmits the request 208 over the network 11.
When the request arrives at the host 210 of the web service implementation it is received by the network interface layer 214 which passes (215) the request to the transport and network layer 213 which provides support for TCP/IP. The transport and network layer undoes the changes made to the message in the client network and transport layer and then passes (216) it to the application layer 212, which provides support for SOAP/HTTP. The application layer then undoes the changes made to the request in the client application layer and passes (217) it to the target web service implementation 211. Thus the client request has been received for processing. Note that the web service protocol stack must provide support for the same protocols used in the client stack (i.e: SOAP/HTTP and TCP/IP) in order to successfully process the web client request.
However, a problem of the prior art of Figure 2, is that web client is hard coded with the URL (http://www.banka.com) of a web service implementation to which its request will be directed. As a result the client cannot take advantage of a service bus which can, for example, select a web service implementation to handle the request based in policy data associated with the web client.
Figure 3 is a schematic diagram of the client data processing host 200 of Figure 2 which has been modified according to the preferred embodiment of the present invention. In this embodiment the TCP/IP layer further includes SOCKS support 305. In normal use SOCKS is configured to re-route a web client request to a SOCKS proxy (or server) , the SOCKS proxy then performs some level of security checking before allowing the . web client request to proceed to the destination specified in the request. However, according to tie preferred embodiment of the present invention SOCKS support 305 is configured to re-route a web client request to an adapted SOCKS proxy 306 which is local to the client. As a result when the web client request is passed to the TCP/IP transport and network layer 203, SOCKS support 305 is called and this redirects (322) the request to the local adapted SOCKS proxy 306 which then passes (323) the request to a URL filter 307. The URL. filter checks the URL specified as the target of the web client request with a configuration file which contains details which are used to decide if the URL specified as the target of the web client request is suitable for modification. For example the configuration file may contain a list of specific URL's for which an exact match is required or a list of URL's containing wildcards for which a similarity match is required. If the URL is not suitable for modification the web client request is returned (not shown) to the TCP/IP transport and network layer 203 for normal processing. However, if the URL is suitable for modification the request is passed (324) to a SOAP/HTTP parser 308 which can extract information, such as any data which accompanied the URL in the web client request. Having extracted the required information, the request is passed (325) to the on ramp 309 which then modifies the request to be suitable for passing to a service bus which provides access to a variety of web service implementations using a variety of protocols. According to the preferred embodiment of figure 3 the service bus available to the client provides access to web service implementations using one of two protocol combinations, HOP 310 and SOAP/HTTP 311 and the on ramp modifies the web client request to be forr an alternative web service implementation which is available via the service bus and using an HOP request. As a result the on ramp 309 passes (326) the request for the alternative web service implementation to the HOP application layer 310 which then passes
(327) it on to the TCP/IP transp-ort and network layer 203 for passing
(328) to the network by the network interface layer 204 for sending over the network.
Figure 4 is a more detailed schematic diagram of the on-ramp 309 of figure 3 and the components which interface with it, namely the SOAP/HTTP parser 308 and SOAP/HTTP 310 and HOP 311 application layers of the service bus. The web client request is passed from the SOAP/HTTP parser to a matc iing engine 401 of the on ramp 309. The matching engine looks up policies specified for the web client in a policy file 402. The policy file may, for example, contain α tails for the client of response time requirements, security level recquirements, transaction requirements, cost requirements, availability requirements, application layer protocol requirements, additional information requirements, and/or web service implementation requirements. The matching engine, then uses the policy information and request information as extracted from by the SOAP/HTTP parser from the web client request to modify the request using discovery 403, selection 404, and security 405 mechanisms. The discovery mechanism 403 is used to discover alternative web service implementations available on the service bus and that are able to process the web client request, for example based on the URL specified in the request. The selection mechanism 404 is then used to select a specific web service implementation from those discovered. The one chosen will closely match the requirements specified in the policy file. The selection mechanism may further select a suitable protocol from those available from the service bus and which can be used to access the web service implementation. A security mechanism 405 may also be used for selection purposes, for example to select a suitable protocol which matches the security requirements of t-he client or web service. For example the client or web service implementation may require communication through a more secure protocol such as "WS-Security over SOAP, secure HTTP (HTTPS) , or secure HOP (HOPS) . Further the security mechanism may, for example, encrypt the message using SOAP encryption and/or add information to the request such as a client key based on the security requirements of the web client or web service implementation. In the preferred embodiment as a result of using these mechanisms the matching engine 401 selects an appropriate web service to handle the web client request and provides that to a suitable transport protocol, for example SOAP/HTTP or HOP, 311 and 310 respectively.
Note that, for; example, the policy file may contain one or more of: a response time requirement which requires uses of a faster transport protocol or a web service which gives a guaranteed response time; a security level requirement which requires encryption of the request or use of a secure protocol such as HTTPS; a cost requirement which specifies a maximum price range for goods provided by the web ser-vice or use of a communication protocol which provides a low cost connection; an availability requirement which requires use of a web service which provides 24x7 availability or use of a protocol with guaranteed request delivery such as transactional JMS; an application layer protocol requirement which specifies one or more application layer protocols which either must be used or must not be used for sending the request; an additional information requirement which requires an IP address and/or machine identifier of the client data processing host to be added to the request; and web service implementation requirement which requires for example, a web service implementation provided IBM approved dealer or a dealer base in the USA which accepts payment by A eri can Express .
Thus a preferred embodiment of the present invention has been described in which a web client request is intercepted and transformed. Transformation of t ie request includes changing the web service to which the request is sen , and optionally changing such things as the application layer protocol used to send the request, the security protocol used for the request, or adding information to the request. However, there are many alternative embodiments to that described. For example, in the α-escribed embodiment, with reference to figure 3, the web client uses a SOAP/HTTP application layer 202. However, in an alternative embodiment thi could be, for example, HOP, IXOPS, HTTP, HTTPS, SOAP over JMS, Remote Method Invocation (RMI) over HOP, XML over Java Message Service (JMS) , SOAP over Simple Mail Transfer Protocol (SMTP), or Enterprise JavaBeans (EJB) (JavaBeans is a registered trademark of Sun Microsystems Inc.) . If, for example, the application- layer was HOP the SOAP/HTTP parser 308 would be replaced by an HOP parser.
Further, for example, in the described embodiment, w h reference to figure 3, the web client request is intercepted in the transport and network layer 203 by SOCKS support 305. However, in an alternative embodiment this could be achieved by a different means. For example, the HTTP layer can be- configured to call a local HTTP proxy, th-us replacing the SOCKS server 306 with a HTTP proxy and changing interception of the web client request to be in the SOAP/HTTP application layer (202) .
Further, for example, in the described embodiment, wi h reference to figure 3, the on ramp 309 is able to use a service bus which provides application layer protocols of either HOP 310 or SOAP/HTTP 311 for the sending of requests . In another embodiment one or more of these application layer protocols may be omitted and/or replaced and/or added to. For example other additional/alternative layers provided by the service bus could be HOP, HOPS, HTTP, HTTPS, SOAP over JMTS, RMI over HOP, XML over JMS, SOAP over SMTP, or EJB. Further the transport and network layer protocols available to these application layer protocols can be changed and/or added to, for example UDP/IP can be available in addition to TCP/IP.
Further with reference to figure 4, for example, when the discovery mechanism 403 discovers one or more alternative web service implementations to which t-tie client request can be targeted- it may do this based on Web Service Definition Language (WSDL) documents. This is possible if the client used, a WSDL document to obtain a def inition of the target service implementation to which it made a request. In this case, after intercepting the reςruest the discovery mechanism can first obtain the target service WSDL document and then, based on information in this WSDL, obtain WSDL documents for suitable alternative web service implementations, for example from a Universal Description, Discovery and Integration (UDDI) registry. Note that a WSDL document contains details of the target service such as Port Type, Bindings, Ports, Messages, Types etc. The Port Type defines the operation and operation para-meters provided by the target service, the Bindings specify the transport mechanisms, and the Port specifies the end point addresses for channels providing access to the target service using the transport mechanisms. ϊTor example, alternatively a DARPA Agent Markup Language (DAML) Services document could be used instead of a WSDL document .
Further, for example, in the preferred embodiment, with reference to figure 4, the matching engine uses discovery, selection and security mechanisms to transform the request. In an alternative embodiment one or more of these mechanisms may be omitted and/or replaced and/or added to and/or encapsulated into the matching engine. For example an additional or alternative mechanism could provide transactionality by surrounding one or more requests from the web client in a unit of work. Further the client policy data may be, for example, encapsulated in the mechanisms or a random policy may be applied. Further the web client request may be passed directly to the matching engine wi hout first being parsed and alternatively the matching engine could make calls to tine parser as required.
Figure 5 is a flow diagram o f the main steps in tine preferred embodiment of the present invention. At step 501 the web client request is intercepted. At step 502 the URL specified as the target of the web client request is obtained and at step 503 a check is made to see if the URL is listed in a configuration file as a URL that is suitable, for transformation by the on ramp (309 of figure 3) . If the URL is not suitable for transformation the wel- client request is sent to the target URL at step 504. However, if the URL is suitable for transformation at step 505 the web client request is parsed to obtain additional information such as any parameters sent with the request, for example, details of a particular aspect of the web service to which the request is targeted, or details of a WSDL document which describes the web service to which the request is targeted. Then, at step 506 the web client request is modified based on client policy data. For e÷xample, the request is redirected to a web service which provides the same service as that of the original request but which is approved for use by the client based company policy data. Once the request has been modified it is then sent, at step 504, to the web service to which it has been redirected.
Figure 6 is a more detailed flow diagram of the processing carried out at step 506 of figure 5. At step 601 policy data for the client is obtained from a configuration file and at step 602 a discovery mechanism is used to find suitable alternative web service implementations to handle the web client request. Alternatives for example can be found based on the URL and any additional data specified in the web client request. Further policy data may be used by the discovery mechanism. At step 603 a selection mechanism is used to select a web service implementation, from the discovered list of suitable alternatives, to handle the request. For example, a web service could be selected based on client policy data which specifies that the web service must be UK based and pro-vide for payment by American Express . The selection mechanism may further s elect an application layer protocol for sending the request based on those available from the service bus and through which the selected web service implementation can be contacted. Having selected a web service, at step 604 a security mechanism is used to apply an appropriate security policy to the request, for example the selected web service may require all communications to be encrypted and/or a secure application layer protocol to be used. At step 605, optionally client specific information is added to the request, for example an identifier which can be used to identify the client data processing host such as an IP address or machine or an identifier which can be used to identify the web client or web client user. Finally at step 606 the transformed request is provided to a suitable application layer protocol, for example HOP or SOAP/HTTP. For example the request protocol may be chosen to match that of the selected web service or chosen from several supported by the sel ected web service based on a client policy which specifies for example a required response time.
Note that whilst the preferred embodiment of the present invention has been described in general terms a skilled person would realise that the invention could be embodied in a data processing method, a data processing apparatus or a computer program product comprising instructions for carrying out the data processing method.
Thus present invention provides a method, apparatus and computer program product in which a web client request for a weh> service is intercepted and the target of the request updated according to policy data associated with the client. Further the application layer protocol in which the web client request is specified may be changed and/or information added to the request. As a result a web client which makes a request for which the target web service is hard-coded may be adapted to take advantage of managed access to web services resulting in access to web services which, for example, provide quality of service characteristics which more appropriately match the requirements of the web client.

Claims

1. A client data processing method for transforming a request from a web client, the method comprising the steps:
intercepting- the request;
changing a -first web service implementation specified in the request to a second web service implementation; and
forwarding the request to the second web service implementation thereby enabling the second web service implementation to process the request,
wherein the second web service implementation is selected based on policy data associated with the web client.
2. The method of claim 1 wherein the request is speci ied in a first application layer protocol and the method comprises the further step of:
modifying trie request to be specified in a second application layer protocol .
3. The method of either claim 1 or claim 2 wherein the client data processing host comprises a SOCKS proxy and the step of intercepting the request comprises calling the SOCKS proxy and including with the call details of the request.
4. The method of . either claim 1 or claim 2 wherein the client data processing host comprises a HTTP proxy and the step of intercepting the request comprises calling the HTTP proxy and including with the call details of the request.
5. The method of any preceding claim comprising the further steps of:
discovering one or more alternative web service imp)lementations to handle the request; and
selecting t ie second web service implementation from the one or more alternative web services discovered;
6. The method of claim 5 wherein the discovering step comprises the steps of:
obtaining a first web service implementation Web Services Definition Language (WSDL) document for the first web service implementation; -and
using information from the web service implementation WSDL document to obtain a WSDL document for each of the one or more alternative web service implementations to handle the request;
7. The method of any preceding claim comprising the further step of:
applying a security policy to the request;
wherein the step of applying the security policy comprises one or more of the steps :
encrypting at least part of the request;
adding a web client key to the request; and
sending the request using a secure application layer protocol ;
8. The method of any preceding claim comprising the further step of:
adding information specific to the web client to the request comprising one or more of the steps :
adding an IP address of the client data processing host;
adding a machine identifier of client data processing host;
adding a web client key;
9. The method of any preceding claim wherein the policy data specifies one or more of: a response time requirement; a security level requirement; a transaction requirement; a cost requirement; an availability requirement; an application layer protocol requirement; an addition-al information requirement; and a web service implementation requirement.
10. A client data processing apparatus for transforming a request from a web client, the apparatus comprising: means for intercepting the request;
means for changing a first web service implementation specified in the request to a second web service implementation; and means for forwarding the request to the second! web service implementation thereby enabling the second web service implementation to process the request,
wherein the means for changing a first web serrvice implementation is operable to select the second web service implementation based on policy data associated with the web client.
11. The apparatus of claim 10 wherein the request is specified in a first application layer protocol and the apparatus f-urther comprises :
means for modifying the request to be specified in a second application layer protocol.
12. The apparatus of either claim 10 or claim 11 -further comprising a SOCKS proxy and the means for intercepting the request is operable to call the SOCKS proxy and include with the call details ofΞ the request .
13. The apparatus of either claim 10 or 11 wherein apparatus further comprises a HTTP proxy and the means for intercepting the request is operable too call the HTTP proxy and include with trae call details of the request.
14. The apparatus of any one of claims 10 to 13 further comprising:
means for discovering one or more alternative web service implementations to handle the request; and
means for selecting the second web service imrplementation from the one or more alternative web services discovered;
15. The apparatus of claim 14 wherein the means for discovering comprises :
means for obtaining a first web service implementation Web Services Definition Language (WSDL) document for the first web service implementation; and means for using information from the web service implementation WSDL document to obtain a WSDL document for each of the one o-t-r more alternative web service implementations to handle the request;
16. The apparatus of any one of claims 10 to 15 further- comprising:
means for applying a security policy to the request comprising on more of :
means for encrypting at leas t part of the request ;
means for adding a client key to the request; and
means for sending the request using a secure transport mechanism.
17. The apparatus of any one of claims 10 to 16 further comprising:
means for adding information specific to the web c-Lient to the request comprising one or more of:
means for adding an IP address of the client data processing host;
means for adding a machine identifier of client data processing host;
means for adding a web client key;
18. The apparatus of any one of claims 10 to 17 wherein- the policy data specifies one or more of: a response time requirement; a security level requirement; a transaction requirement; a cost requiremerj-t ; an availability requirement; an application layer protocol requirement; an additional information requirement _ and a web service implementation requirement.
19. A computer program product comprising instructions which, when executed on a data processing host , cause the data processing host to carry out the method as claimed in any one of claims 1 to 9.
PCT/GB2003/005320 2003-03-15 2003-12-05 Client web service access WO2004084522A1 (en)

Priority Applications (4)

Application Number Priority Date Filing Date Title
AU2003285597A AU2003285597A1 (en) 2003-03-15 2003-12-05 Client web service access
US10/549,051 US20070005777A1 (en) 2003-03-15 2003-12-05 Client web service access
EP03778596A EP1604506B1 (en) 2003-03-15 2003-12-05 Client web service access
DE60311684T DE60311684T2 (en) 2003-03-15 2003-12-05 CUSTOMER ACCESS TO THE INTERNET SERVICE

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
GB0305959.9 2003-03-15
GBGB0305959.9A GB0305959D0 (en) 2003-03-15 2003-03-15 Client web service access

Publications (1)

Publication Number Publication Date
WO2004084522A1 true WO2004084522A1 (en) 2004-09-30

Family

ID=9954841

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/GB2003/005320 WO2004084522A1 (en) 2003-03-15 2003-12-05 Client web service access

Country Status (9)

Country Link
US (1) US20070005777A1 (en)
EP (1) EP1604506B1 (en)
KR (1) KR100800350B1 (en)
CN (1) CN100563260C (en)
AT (1) ATE353518T1 (en)
AU (1) AU2003285597A1 (en)
DE (1) DE60311684T2 (en)
GB (1) GB0305959D0 (en)
WO (1) WO2004084522A1 (en)

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2004090750A2 (en) * 2003-04-12 2004-10-21 International Business Machines Corporation Access to web services
EP1675022A1 (en) * 2004-12-22 2006-06-28 Sap Ag A method and a system for integrating semantic web services into a existing web service infrastructure
WO2006106010A1 (en) * 2005-04-06 2006-10-12 International Business Machines Corporation Method and system for implementing authorization policies for web services
FR2887718A1 (en) * 2005-09-30 2006-12-29 France Telecom Interception device e.g. computer, for Internet type telecommunication network, has ROM with program storing HTTP requests in buffer, retransmitting requests to server and client and storing requests in computing file in XML format
EP1975820A1 (en) * 2007-03-26 2008-10-01 Symantec Corporation Web services intermediary for sharing a single key
JP2010511236A (en) * 2006-11-30 2010-04-08 インターナショナル・ビジネス・マシーンズ・コーポレーション Method, apparatus and computer program for changing an endpoint reference representing a web service endpoint
EP2241159A2 (en) * 2008-01-28 2010-10-20 Microsoft Corporation Message processing engine with a virtual network interface

Families Citing this family (43)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7249195B2 (en) 2001-03-30 2007-07-24 Minor Ventures, Llc Apparatus and methods for correlating messages sent between services
US9106479B1 (en) * 2003-07-10 2015-08-11 F5 Networks, Inc. System and method for managing network communications
US7404189B2 (en) 2003-12-30 2008-07-22 International Business Machines Corporation Scheduler supporting web service invocation
US7802007B2 (en) * 2004-05-19 2010-09-21 Salesforce.Com, Inc. Techniques for providing connections to services in a network environment
US8615601B2 (en) * 2004-05-21 2013-12-24 Oracle International Corporation Liquid computing
US7681202B2 (en) * 2004-05-21 2010-03-16 Sap Portals Israel Ltd. Portal runtime framework
US7653008B2 (en) 2004-05-21 2010-01-26 Bea Systems, Inc. Dynamically configurable service oriented architecture
US7774485B2 (en) * 2004-05-21 2010-08-10 Bea Systems, Inc. Dynamic service composition and orchestration
US8312132B2 (en) 2004-08-20 2012-11-13 Core Wireless Licensing S.A.R.L. Context data in UPNP service information
US20060106856A1 (en) * 2004-11-04 2006-05-18 International Business Machines Corporation Method and system for dynamic transform and load of data from a data source defined by metadata into a data store defined by metadata
US7509398B2 (en) * 2005-01-13 2009-03-24 International Business Machines Corporation System and method for protocol independent access and invocation of web services
FR2880716A1 (en) * 2005-01-13 2006-07-14 Gemplus Sa CUSTOMIZATION OF SERVICE IN A TERMINAL DEVICE
US9692725B2 (en) 2005-05-26 2017-06-27 Citrix Systems, Inc. Systems and methods for using an HTTP-aware client agent
US8943304B2 (en) * 2006-08-03 2015-01-27 Citrix Systems, Inc. Systems and methods for using an HTTP-aware client agent
US9621666B2 (en) 2005-05-26 2017-04-11 Citrix Systems, Inc. Systems and methods for enhanced delta compression
US9407608B2 (en) 2005-05-26 2016-08-02 Citrix Systems, Inc. Systems and methods for enhanced client side policy
US8819181B2 (en) * 2006-03-17 2014-08-26 Apple Inc. Adaptable network service access through dynamic request routing
US8561155B2 (en) * 2006-08-03 2013-10-15 Citrix Systems, Inc. Systems and methods for using a client agent to manage HTTP authentication cookies
US8392977B2 (en) * 2006-08-03 2013-03-05 Citrix Systems, Inc. Systems and methods for using a client agent to manage HTTP authentication cookies
CN101127757B (en) * 2006-08-18 2011-02-09 国际商业机器公司 Method and device for controlling Web service policy
US20080104203A1 (en) * 2006-10-31 2008-05-01 Microsoft Corporation Viewing Digital Information Over a Network
US8380880B2 (en) * 2007-02-02 2013-02-19 The Mathworks, Inc. Scalable architecture
US7849224B2 (en) * 2007-09-17 2010-12-07 Gm Global Technology Operations, Inc. Method and apparatus for implementing a mobile server
US7822828B2 (en) * 2007-09-17 2010-10-26 Gm Global Technology Operations, Inc. System for using non-standard transfer protocol from software received at in-vehicle communications gateway for exchanging data with client device
US7818403B2 (en) * 2007-09-17 2010-10-19 Gm Global Technology Operations, Inc. System for using non-standard transfer protocol from software received at client device for exchanging data with in-vehicle communications gateway
US20090132463A1 (en) * 2007-11-19 2009-05-21 Emericon, L.L.C. System and method for facilitating transition between ibm® websphere® mq workflow and ibm® websphere® process server
US8090877B2 (en) * 2008-01-26 2012-01-03 Citrix Systems, Inc. Systems and methods for fine grain policy driven cookie proxying
DE102008002787A1 (en) * 2008-02-29 2009-09-03 Schneider Electric Gmbh 4-phase interaction patterns based on port-type protocols for using lifecycles of services provided by service-oriented devices
US7904561B2 (en) * 2008-05-15 2011-03-08 International Business Machines Corporation Brokering mobile web services
US20090307233A1 (en) * 2008-06-02 2009-12-10 Guorui Zhang Efficient Handling of PMU Data for Wide Area Power System Monitoring and Visualization
US20100031309A1 (en) * 2008-07-31 2010-02-04 International Business Machines Corporation Policy based control of message delivery
US8661334B1 (en) * 2010-03-30 2014-02-25 Amazon Technologies, Inc. Mapping behavior to data
US8380845B2 (en) 2010-10-08 2013-02-19 Microsoft Corporation Providing a monitoring service in a cloud-based computing environment
US8843632B2 (en) 2010-10-11 2014-09-23 Microsoft Corporation Allocation of resources between web services in a composite service
US8959219B2 (en) 2010-10-18 2015-02-17 Microsoft Technology Licensing, Llc Dynamic rerouting of service requests between service endpoints for web services in a composite service
US8874787B2 (en) * 2010-10-20 2014-10-28 Microsoft Corporation Optimized consumption of third-party web services in a composite service
US8510426B2 (en) 2010-10-20 2013-08-13 Microsoft Corporation Communication and coordination between web services in a cloud-based computing environment
CN103392320B (en) 2010-12-29 2016-08-31 思杰系统有限公司 Encrypted item is carried out the system and method that multilamellar labelling determines to provide extra safely effectively encrypted item
CN102790712B (en) * 2011-05-17 2015-07-15 北京航空航天大学 Web service security treatment method and system
US9609077B1 (en) * 2012-05-30 2017-03-28 Crimson Corporation Forwarding content on a client based on a request
RU2635276C1 (en) * 2016-06-24 2017-11-09 Акционерное общество "Лаборатория Касперского" Safe authentication with login and password in internet network using additional two-factor authentication
CN109284968B (en) * 2017-07-19 2022-02-01 华润微电子(重庆)有限公司 Management method of signing system, readable storage medium and server
DE102022107431B3 (en) 2022-03-29 2023-05-11 Volkswagen Aktiengesellschaft Method for retrofitting socks compatibility for at least one application in a motor vehicle and correspondingly equipped motor vehicle

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6029175A (en) * 1995-10-26 2000-02-22 Teknowledge Corporation Automatic retrieval of changed files by a network software agent
US6173322B1 (en) * 1997-06-05 2001-01-09 Silicon Graphics, Inc. Network request distribution based on static rules and dynamic performance data

Family Cites Families (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6097882A (en) * 1995-06-30 2000-08-01 Digital Equipment Corporation Method and apparatus of improving network performance and network availability in a client-server network by transparently replicating a network service
US5781550A (en) * 1996-02-02 1998-07-14 Digital Equipment Corporation Transparent and secure network gateway
US5673322A (en) * 1996-03-22 1997-09-30 Bell Communications Research, Inc. System and method for providing protocol translation and filtering to access the world wide web from wireless or low-bandwidth networks
US6016516A (en) * 1996-08-07 2000-01-18 Fuji Xerox Co. Ltd. Remote procedure processing device used by at least two linked computer systems
US5892903A (en) * 1996-09-12 1999-04-06 Internet Security Systems, Inc. Method and apparatus for detecting and identifying security vulnerabilities in an open network computer communication system
US6247050B1 (en) * 1997-09-12 2001-06-12 Intel Corporation System for collecting and displaying performance improvement information for a computer
US6470386B1 (en) * 1997-09-26 2002-10-22 Worldcom, Inc. Integrated proxy interface for web based telecommunications management tools
CA2228687A1 (en) * 1998-02-04 1999-08-04 Brett Howard Secured virtual private networks
US6732175B1 (en) * 2000-04-13 2004-05-04 Intel Corporation Network apparatus for switching based on content of application data
US6922832B2 (en) * 2000-12-12 2005-07-26 Lockheed Martin Corporation Execution of dynamic services in a flexible architecture for e-commerce
GB2400964B (en) * 2001-05-02 2004-12-29 Virtual Access Ltd Secure payment method and system
US20030163450A1 (en) * 2001-05-25 2003-08-28 Joram Borenstein Brokering semantics between web services
US7254614B2 (en) * 2001-11-20 2007-08-07 Nokia Corporation Web services push gateway

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6029175A (en) * 1995-10-26 2000-02-22 Teknowledge Corporation Automatic retrieval of changed files by a network software agent
US6173322B1 (en) * 1997-06-05 2001-01-09 Silicon Graphics, Inc. Network request distribution based on static rules and dynamic performance data

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
WINSBOROUGH W H ET AL: "Automated trust negotiation", DARPA INFORMATION SURVIVABILITY CONFERENCE AND EXPOSITION, 2000. DISCEX '00. PROCEEDINGS HILTON HEAD, SC, USA 25-27 JAN. 2000, LAS ALAMITOS, CA, USA,IEEE COMPUT. SOC, US, 25 January 2000 (2000-01-25), pages 88 - 102, XP010371169, ISBN: 0-7695-0490-6 *

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2004090750A2 (en) * 2003-04-12 2004-10-21 International Business Machines Corporation Access to web services
WO2004090750A3 (en) * 2003-04-12 2005-03-24 Ibm Access to web services
EP1675022A1 (en) * 2004-12-22 2006-06-28 Sap Ag A method and a system for integrating semantic web services into a existing web service infrastructure
WO2006106010A1 (en) * 2005-04-06 2006-10-12 International Business Machines Corporation Method and system for implementing authorization policies for web services
JP2008537823A (en) * 2005-04-06 2008-09-25 インターナショナル・ビジネス・マシーンズ・コーポレーション Method, system, and computer program for realizing authorization policy for Web service (method and system for realizing authorization policy for Web service)
US7657924B2 (en) 2005-04-06 2010-02-02 International Business Machines Corporation Method and system for implementing authorization policies for web services
FR2887718A1 (en) * 2005-09-30 2006-12-29 France Telecom Interception device e.g. computer, for Internet type telecommunication network, has ROM with program storing HTTP requests in buffer, retransmitting requests to server and client and storing requests in computing file in XML format
JP2010511236A (en) * 2006-11-30 2010-04-08 インターナショナル・ビジネス・マシーンズ・コーポレーション Method, apparatus and computer program for changing an endpoint reference representing a web service endpoint
US9762678B2 (en) * 2006-11-30 2017-09-12 International Business Machines Corporation Method, apparatus and computer program for modifying an endpoint reference representing a web service endpoint
EP1975820A1 (en) * 2007-03-26 2008-10-01 Symantec Corporation Web services intermediary for sharing a single key
EP2241159A2 (en) * 2008-01-28 2010-10-20 Microsoft Corporation Message processing engine with a virtual network interface
EP2241159A4 (en) * 2008-01-28 2013-02-13 Microsoft Corp Message processing engine with a virtual network interface

Also Published As

Publication number Publication date
ATE353518T1 (en) 2007-02-15
US20070005777A1 (en) 2007-01-04
KR20050117521A (en) 2005-12-14
AU2003285597A1 (en) 2004-10-11
CN100563260C (en) 2009-11-25
GB0305959D0 (en) 2003-04-23
DE60311684D1 (en) 2007-03-22
CN1692617A (en) 2005-11-02
EP1604506B1 (en) 2007-02-07
EP1604506A1 (en) 2005-12-14
DE60311684T2 (en) 2007-11-22
KR100800350B1 (en) 2008-02-04

Similar Documents

Publication Publication Date Title
EP1604506B1 (en) Client web service access
US8543644B2 (en) URL-based sticky routing tokens using a server-side cookie jar
US7003799B2 (en) Secure routable file upload/download across the internet
EP1385310B1 (en) System and method for providing content-oriented services to content providers and content consumers
US7903656B2 (en) Method and system for message routing based on privacy policies
US7213071B2 (en) Quality of service improvements for network transactions
US7530099B2 (en) Method and system for a single-sign-on mechanism within application service provider (ASP) aggregation
US7418485B2 (en) System and method for addressing networked terminals via pseudonym translation
EP1379045B1 (en) Arrangement and method for protecting end user data
US20060021004A1 (en) Method and system for externalized HTTP authentication
US20060020508A1 (en) Proxy-based profile management to deliver personalized services
US20070124477A1 (en) Load Balancing System
Ashley et al. Wired versus wireless security: The Internet, WAP and iMode for e-commerce
EP1684482B1 (en) System and method for managing communication for component applications
JP5039053B2 (en) Method and system for externalizing HTTP security message processing with macro support
US8499031B1 (en) Markup language messaging service for secure access by edge applications
Urien Internet smartcard benefits for Internet security issues
US20030135618A1 (en) Computer network for providing services and a method of providing services with a computer network
Cisco Release Notes for Cisco LocalDirector Version 4.1.1
KR100629792B1 (en) A request handler and it's processing method for Biz Common Platform
Zirngibl et al. QUIC Hunter: Finding QUIC Deployments and Identifying Server Libraries Across the Internet
WO2004088953A1 (en) A method and apparatus for accessing data on a computer network
Banerjee Application Layer Concepts and Design Issues

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): BW GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LU MC NL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
121 Ep: the epo has been informed by wipo that ep was designated in this application
WWE Wipo information: entry into national phase

Ref document number: 20038A07154

Country of ref document: CN

WWE Wipo information: entry into national phase

Ref document number: 1020057015056

Country of ref document: KR

WWE Wipo information: entry into national phase

Ref document number: 2003285597

Country of ref document: AU

WWE Wipo information: entry into national phase

Ref document number: 2003778596

Country of ref document: EP

WWE Wipo information: entry into national phase

Ref document number: 4607/DELNP/2005

Country of ref document: IN

WWP Wipo information: published in national office

Ref document number: 2003778596

Country of ref document: EP

Ref document number: 1020057015056

Country of ref document: KR

WWE Wipo information: entry into national phase

Ref document number: 2007005777

Country of ref document: US

Ref document number: 10549051

Country of ref document: US

WWP Wipo information: published in national office

Ref document number: 10549051

Country of ref document: US

WWG Wipo information: grant in national office

Ref document number: 2003778596

Country of ref document: EP

NENP Non-entry into the national phase

Ref country code: JP

WWW Wipo information: withdrawn in national office

Ref document number: JP