Exposing a service through Sentinets Virtual Service concept


This time we will follow up on the Service Virtualization concept I mentioned in my previous post.
  • Service redesign
  • Apply security
  • Monitoring
Service redesign Why? A webservice might not have been developed by your team, a changes in the web service should not break your existing implementation, it might not meet certain standards, resulting for example as shown in the figure below, in a ‘large’ wsdl which contains a lot of methods, of which you only need one. Consider the port in BizTalk generated based on a web service, it is generated with every method defined in the webservice, if one of the methods changes, it will lead to a broken solution, although we only needed to implement a single method.

  clip_image002
  http://abdulrafaysbiztalk.wordpress.com/

We can change this by defining a Virtual Service layer around the webservice, for this, we will use the public Geoipservice which (unfortunately) only exposes 2 methods (but I think the example provides a good example);

clip_image004







1) GetGeoIPContext
2) GetGeoIP


Time to fire up Sentinet;

image
Sentinet is a web-based product where you can build of a repository of artefacts such as Access rules, Services, Policies, etc)
We will import the wsdl of the GeoIPService by added a new SOAP service, after which we will get a dialog where we should paste the wsdl;
image
It will download the metadata;
image
And display the metadata extracted from the wsdl, and allows us to define if we will directly use the service by ticking ‘Add service in active state’ (if not, we can prevent this service to be accessible from Sentinet after the import);
image
After the import, when can view the details of our service;
image
image
And start with….Virtualisation, we click on the Node (physical endpoint where we host the service) and define the type of service we would like to create;
image
Note: We can select SOAP (WCF bindings) and as well REST, so already…we can do transport mediation, our service can be exposed with a different binding with which it was exposed originally.
We define metadata about the service;
image
And that’s it….altough the service won’t do anything yet….
image
The next step is to design the service, and this is where the magic will happen;
image
The designer allows us to REDEFINE the WSDL, we can define one or multiple endpoints, and even add methods from one or multiple webservices…we can combine service, change service expose, and as we will see later on, control the security.
We will modify the service, so we need to click on ‘Modify’;
image
We can drop the GeoIPService (imported WSDL) on the designer of the Virtual Service, this by dragging it from the repository to the designer;
image
This will update the designer;
image
By selecting the methods we want to expose;
image
We can control how the virtual service will be exposed! Additionally, we can define where to host the service, by selecting a Node;
image
This allows us to modify how we expose the Virtual Webservice;
image
We will select a policy, which is a WCF-Binding, applied to the endpoint;
image
Note: We can define ‘common’ bindings and place them in a shared repository, allowing company policies.
In this case we will select the basicHttp binding;
image
So at this point, we have redesigned the service, changed the endpoint, how about setting up securiity?
Sentinet provides access rules, which can be design in a graphical designer, as well as defined in an Xml editor. You can actually copy-paste the Xml and the designer will update. There are a lot of predefined keywords available, for instance the Transaction Count.
Let’s assume that the webservice should not be called more than 5x a minute, we can define a Dos Attack Protection rule, this will block requests exceeding this rule! We can define our customer behavior as there is a .Net extension point, but it already possible to apply rules based on security (is a certificate provided, is a SAML token available with certain metadata, is a specific value in the message defined etc;
image
We can drag the rule to the Web service, and even to specific methods (however, there’s only 1 left after our redesign Knipogende emoticon);
image
We can define multiple rules, and define which rule has precedence;
image
Our service definition is now complete, however our service is not exposed, we can do this by promoting our service;
image
We will promote our service, which places it in the active state;
image

So that’s it, we have created our virtual service, in the next post we will use it and monitor it by using the additional monitoring capabilities of Sentinet.

Kind regards,
Sander
Tags van Technorati: ,








Comments

Post a Comment

Popular posts from this blog

Azure implementation guidelines

In My post ‘ Service Bus Management ’ I pointed out a way of implementing a DTAP strategy for managing the Service Bus environment. There’s now a great post available from Microsoft which goes into more detail about other aspects of managing the Azure subscriptions and other artefacts which is quite useful when setting up your Azure environments. Follow this link to the ‘Azure Implementation Guidelines’ HTH, Sander
Read more

UK Connected Systems User Group – BizTalk Services questions

This Wednesday I’m attending the CSUG – The Hybrid Organisation (sold out!). During my evaluation of several Integration products (BizTalk / BizTalk Services / Neuron ESB / MuleESB) I had some concerns/questions on BizTalk Services. My goal is to get answers on the following scenario a) I receive a HTTP Post with an Xml Body payload b) This contains a signature which i need to validate c) Transform the Xml body payload to another Xml message d) Perform a HTTP Post with the new Xml message to an external HTTP url and sign the message e) Route the response back, similar to the aforementioned steps, where an error needs to be mapped to a dedicated error response Challenges I'm wondering how to cope with some of the following challenges in this scenario, and would like to know resource information available which addresses some of these challenges; Validating / Signing of messages A requirement is to validate the incoming message by inspecting an signature in the message
Read more

Setting up a build server with the BizTalk Deployment Framework

Image
This chapter describes the steps to a TFS Build Server to set up BizTalk deployment with the following functionality: • Build solution • Perform unit testing Using BizUnit • Create Deployment Packages Using BDTF • Deploy to Server Using R packages created in previous step • Create documentation BizTalkDocumenter For this the following steps are required: • Installation Components (30 min) • Configuring a build account (30 min) • Setting up the build service (30 min) • Scrum template installation (30 min) • Share for the build output directory (10 min) • Adjustments Build Template for use BTDF (30 min) • Design of build definitions (60 min) • Setting BTDF (60 min) • Use BTDF • Build execution / scheduling UPDATE (21-06-2013) - When using sharedassemblies, the following URL is a big help http://mohamedradwan.wordpress.com/2013/01/31/set-custom-assemblies-path-for-host-build-service-on-the-cloud/ - For viewing the basic instructions a video is available on the following blog http:
Read more