Nate's Programming Blog

Wow, it seems like forever since I had this site up and by looking at the date of the last post I would be correct. Well a couple of years have passed and a lot of things have happened. I changed jobs about a year ago and I’m now working for a great company called Asynchrony.

I’ve had a great time working at Asynchrony. It is a die hard Agile shop that has one of the most interesting cultures I’ve seen. Any company where Halo is considered a team building exercise is a pretty awesome company to work for and I don’t even play Halo :). Anyway, almost the entire time that I’ve worked for Asynchrony I’ve been working on a project that involves building a SOA (Service Oriented Architecture). You might be asking yourself, “what the heck is that?” and that would be a good question to ask, because when we started this project we had no idea. It has taken sometime and a lot of research, but I think we have a better understanding of what a SOA should consist of. There are several components and services that make up a typical SOA. Its not just Web Services. We have identified what these are and have provided them in an easy to distribute VMWare image. On top of that we have used all open source technologies to create it.

A typical SOA can be broken down into 4 parts.


The presentation layer isn’t a required component of a SOA infrastructure, but can compliment a SOA in the fact that it provides visibility into that architecture. In most cases, a portal is used for the presentation tier. There are several portals on the market to choose from. Microsoft provides Sharepoint, a very popular portal implementation. There are also several open source portals, including JBoss and Liferay.


The directory provides a repository of users and groups. Attributes are used to define which users are members of what groups, etc. A popular Directory implementation in the Microsoft world is Active Directory. It implements the LDAP (Lightweight Directory Access Protocol) specification. From an open source perspective there are several choices, one very powerful Directory server is Fedora Directory Server developed for the Fedora operating system. Another alternative is the Apache Directory Server which is also a very mature product. It does not support custom schema attributes yet, but hopefully will soon.


Discovery services provide a means of exposing existing web services. One way to implement a Discovery service is to utilize the UDDI (Universal Description Discovery and Integration) specification. There are several proprietary solutions for UDDI on the market including BEA, Systinet and MS UDDI. Alternatively there is jUDDI a java based implementation of the UDDIv2 specification. There is also Novell’s Nsure UDDIv3 implementation.


An ESB (Enterprise Service Bus) provides several tools that make Web Services more powerful. It typically provides mediation and aggregation capabilities. This allows you to chain services by converting the output of one service into something that another service can consume. It also provides the ability to aggregate multiple services into a single service. ESBs usually come equipped with a BPM/BPEL process engine. BPM/BPEL allows you to define business processes that span multiple sources of data and can even include user required input without having to write custom code. BPM/BPEL products come with an graphical editor that allows you to create diagrams that represent your processes and then directly convert them into code that can be compiled or interpreted. This can be very powerful and efficient for taking existing distinct services and creating new services or processes out of them to fulfill a business need.


An ESM (Enterprise Service Management) solution allows the administrator of a SOA to monitor the services that are deployed to that SOA. It can generated reports and notification related to service health, performance and conformance state. This is extremely important in large SOA foundations in order to maintain the health of the system.


Security is another important topic and can be difficult to implement in a SOA infrastructure. There are several things that go into security when talking about Web Services. There are policies regarding authorization. Who should have access to certain web services or parts of web services. The WS-Security is a project originally developed by IBM and Microsoft and is now being developed by Oasis, a prominent figure in the SOA world. It provides a specification for securing web services. Layer 7 is a product that currently implements WSS in both a hardware and software solution. They also provide some tools for increasing the performance of web services by off loading XML, XSL and XSD processing.

Other concerns when talking about security include conformance to web service standards. Web Services should be language agnostic, meaning it shouldn’t matter whether the service is being developed in C# .Net, Java or any other language. A C# .Net web service should be able to be consumed by a Java client without any additional work needed. WS-I originally developed by IBM and Microsoft and now being developed by the WS-I Organization provides a set of specifications that ensure that a web service will be interoperable no matter what environment it was developed in.

Another form of conformance can be ensuring that a WSDL is properly documented. This is beneficial to a potential consumer. If a service is properly documented, then the support costs for a service are greatly reduced, because the consumer will be able to determine what a service does and how to use that service based on the documentation provided.

All of these concerns can be combined and defined as the Governance of a SOA infrastructure. Governance includes conformance, security, but it also includes the processes that define how a service is added to an infrastructure. There should be some process defined so that there is an audit trail of all services deployed to a SOA infrastructure. There are a few proprietary tools out on the market to help with this process. One of those tools is HP SOA Systinet Repository. It provides a repository which is the collection of information regarding web services. It provides a way to maintain information on a service through out its lifecycle, from development to production. Early exposure is always important in making a SOA a success and using a repository is a good way of collect information early and making it available to potential consumers. Repository also provides a means to execute compliance tests against web services to ensure their compatibility with the rest of the infrastructure. Finally, it provides a mechanism for promoting web services to UDDI so that they are discoverable.

A SOA can be a powerful tool to any medium to large organization that is dealing with large amounts of data and many processes. It can provide the glue and synergy a company needs to be efficient and productive. I’m thankful for the chance to work on such an exciting project and learn all that I have regarding SOAs and I look forward to continuing with this project into the future. If anyone is interested in implementing a SOA architecture and this blog post has been interesting, please contact me via the email address provided on this site and I will be more than happy to discuss options on how we can help your organization.

Name (required)

Email (required)


XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

Feel free to leave a comment