This topic provides relevant supplemental information about the following Web services-related topics:
Including the WebSphere Version 5 Web Services Handbook
Including developing Web services based on the Java 2 platform, Enterprise Edition (J2EE) and Java API for XML-based remote procedure call (JAX-RPC) specifications.
Including an overview about UDDI and information about the UDDI Java API.
A look into the Apache Software Foundation and its maintenance of WSIF.
Including an overview about SOAP and information about the SOAP syntax and processing rules.
Including a roadmap to security, the WS-Security specification, best practices, a profile of the OASIS Security Assertion Markup Language (SAML) and more.
Includes WebSphere Application Server Samples Gallery and Samples Central for Web services gateway, UDDI and WSIF.
These links are provided for convenience. Often, the information is not specific to the IBM WebSphere Application Server product, but is useful all or in part for understanding the product. When possible, links are provided to technical papers and Redbooks that supplement the broad coverage of the release documentation with in-depth examinations of particular product areas.
Web services overview
This IBM Redbook describes the new concept of Web services from various perspectives. It presents the major building blocks Web services rely on. Well-defined standards and new concepts are presented and discussed.
Introducing IBM Web services, a distributed software architecture of service components. This brief overview and in-depth interview on IBM DeveloperWorks cover the fundamental concepts of Web services architecture and what they mean for developers. The interview with IBM professional Rod Smith explores which types of developers Web services targets, how Web services reduces development time, what developers could be doing with Web services now, and takes a glance at the economics of dynamically discoverable services.
This article focuses on the benefits and challenges of building Web services applications. Web services might be an evolutionary step in designing distributed applications, however, they are not without their problems. Outlined are the difficulties developers face in creating a truly workable distributed system of Web services. This article also outlines author Graham Glass' plan for building peer-to-peer Web applications.
Developing Web services
This document describes the Java 2 platform, Enterprise Edition (J2EE) specification.
This document reviews the JAX-RPC specification which enables Java technology developers to develop SOAP-based interoperable and portable Web services.
This article is a detailed overview of Web Services Description Language (WSDL), which includes programming specifications.
UDDI
This article is a detailed overview of Universal Description, Discovery and Integration (UDDI).
Reviewed in this article are the basics of UDDI, the Java API to UDDI, and how you can use this technology to start building, testing, and deploying your own Web services.
WSIF
SOAP
This article is a detailed overview of SOAP, which includes programming specifications.
This document specifies the syntax and processing rules of a SOAP header entry to carry digital signature information within a SOAP 1.1 Envelope
Security
This document describes a proposed model for addressing security within a Web service environment. It defines a comprehensive Web Services Security model that supports, integrates, and unifies several popular security models, mechanisms, and technologies, including both symmetric and public key technologies, in a way that enables a variety of systems to securely interoperate in a platform and language-neutral manner. It also describes a set of specifications and scenarios that show how these specifications can be used together.
The Web Services Security specifications describe enhancements to SOAP messaging to provide quality of protection through message integrity, message confidentiality, and single message authentication. These mechanisms can be used to accommodate a wide variety of security models and encryption technologies. Web Services Security also provides a general-purpose mechanism for associating security tokens with messages. Additionally, Web Services Security describes how to encode binary security tokens. Specifically, the specification describes how to encode X.509 certificates and Kerberos tickets, as well as how to include opaque encrypted keys. It also includes extensibility mechanisms that can be used to further describe the characteristics of the credentials that are included with a message.
This document specifies the syntax and processing rules of a SOAP header entry to carry digital signature information within a SOAP 1.1 Envelope
This document describes clarifications, enhancements, best practices, and errata of the Web Services Security specification.
This document proposes a set of standards for SOAP extensions used to increase message confidentiality.
This document describes the support for multiple token formats, trust domains, signature formats, and encyrption technologies.
This document provides a short description of the certification path API.
This document specifies XML digital signature processing rules and syntax. XML signatures provide integrity, message authentication, or signer authentication services for data of any type, whether located within the XML that includes the signature or elsewhere.
This specification describes a method for generating a physical representation, the canonical form, of an XML document that accounts for the permissible changes.
Canonical XML [XML-C14N] specifies a standard serialization of XML that, when applied to a subdocument, includes the subdocument's ancestor context including all of the namespace declarations and attributes in the "xml:"namespace.
This document specifies a process for encrypting data and representing the result in XML.
This document specifies an XML Signature "decryption transform" that enables XML Signature applications to distinguish between those XML Encryption structures that were encrypted before signing, and must not be decrypted, and those that were encrypted after signing, and must be decrypted, for the signature to validate.
This document specifies resources for the April 2002 Web Services Security Specification. The following addenda and drafts are available:
Samples
Other references
What is the current state of the Web services revolution? Find out at this Web site that features the column Web services insider, Part 1. The author answers this question by reviewing the tools and technologies that have emerged over the past year, highlighting their differences and similarities.
This is a brief summary of a W3C Web services workshop.