• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

WebServices - How it is working

 
Ranch Hand
Posts: 238
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi

I have got a new job. One of our client uses webservices to send us request and then we process their request and send a response back. So far So Good. We have a WSDL document. In this we have recieving parameters and their types declared. A method called launch session is called when a request is recieved. This method and its arguments are there in WSDL document. Then we also send a response back using soap. one of the parameters that are in wsdl document is userId. I assume this id is being sent by the client so we can identify him.

Now our client wants to be able to use multiple servers at the same time. The solution is that he will going to send us a different Id and thats how we'll know it came from another server so when we are done processing we will send a response back to this second server not the first one.

Can anyone please tell me if I am missing anything in how this process is working. I mean just wsdl document is all I need to recieve request from client and can I use the same WSDL document? Can anyone please identify if there is something important I am missing.

Your help is really appreciated.
Thanks
 
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
If you run a WS, then all your customers machines are clients, not servers. It doesn't matter at all where the requests come from; they're indentified by their IP address, and the response will automatically go to the right machine. The WSDL document is independent of the client, and would not change.
 
Muhammad Imad Qureshi
Ranch Hand
Posts: 238
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Sir
Thank you so much for your answer. So where do I configure this second IP address or I mean where is this IP address configured.

Your reply is really appreciated. I am fresh from college and I hope you dont mind answering these basic questions.

Thanks again
Imad
 
Ulf Dittmer
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Now I'm confused. Are you talking about a synchronous WS (where the connection is kept open until the request is finished, and the response is sent back through the same connection) or an asynchronous WS (where the request comes in, and is processed and the response sent back at some later time)?

Because in the former case, it does not matter where the request comes from - the response is sent back through the same connection. From the request you can find out the IP address it originated from, but you don't really need it.

In the latter case, you will indeed need to know the IP address of the requestor and store it (so you know where to send the response), but you'll also need to know the full WS endpoint (port, name etc.), because you're not just responding, you're making a full WS call (to a service having a different WSDL).

Which of these scenarios describes your setup?
 
Muhammad Imad Qureshi
Ranch Hand
Posts: 238
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Alright. I am even more confused

What happens their request comes in through webserice. How probably I am not fully aware. But once the request comes in one of our class's method launchSession is called. and then we process the request.

and there is another class we have that is specifically created for this client. Class name is RSANCommunicator. then at one point we use this class's method sendMessage (Object param). This class has hard coded URL of this client actually three URL's.

http://test1.roamalert.net/webservices/r911_reply.cgi
http://www.roamsecure.net/R911#confirm_receipt
http://www.roamsecure.net/R911#accept_canned_reply

Now the client says he wants another server(or machine as you said) to be able to send alerts to our system. This new machine will going to have the following URL

http://test2.roamalert.net/webservices/r911_reply.cgi

rest two url's he says dont matter.

Probably I am more confusing you but if you are getting any idea of what I am trying to do please help me.

I can copy and paste code of this RSANCommunicator class if you want me to.

It basically uses following two classes from SOAP

Call
Fault

Waiting for your reply.
Thanks a lot.
Imad
 
Muhammad Imad Qureshi
Ranch Hand
Posts: 238
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi I forgot to mention one thing.

I think what I am more worried about is what do I do to make sure I recieve a request from them. I think I will not going to have a big problem if once I recieve their request. But what if they say they are sending a message and I am not recieving on my end?

Hope this is less confusing.
Thanks
Imad
 
Ulf Dittmer
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
It sounds like you are indeed making a WS call of your own, so you will need the full endpoint address (including IP) of the originating server.

I wouldn't worry about not receving connections. If the client can't make a service call (because your servers are not reachable or the service is down), they would get an error message saying as much.
TCP is a reliable protocol, it will make sure that either a connection is made and the data transmitted, or it will generate an error.
 
Muhammad Imad Qureshi
Ranch Hand
Posts: 238
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
So I should ask the client for full end point address and then where should I configure it. In windows or my java program or where? I have already turned off the firewall. We are using windows XP to serve this client.

Thanks
 
Muhammad Imad Qureshi
Ranch Hand
Posts: 238
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
we also have a file called jaxrpc-mapping.xml in which we have the methods and their arguments declared.

This might help you to understand what is happening.
Thanks
Imad
 
Bartender
Posts: 2968
6
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator


I have already turned off the firewall. We are using windows XP to serve this client.


Very Bad Idea - unless your organization is already protected by a set of fire-walls protecting the intranet from the internet.
You do not want to invite more trouble than you already have.
The fact that web services use HTTP is one of the advantages of the technology so opening your firewall on port 80 for http and port 443 for https should be enough.
Customizing Windows Firewall
How to manually open ports in Internet Connection Firewall in Windows XP
If possible, you may even want to configure IP address filters on your Web Server to restrict it to accesses from your client(s).

Some of the confusion may come from the overloading of the terms "Request" and "Response". There are the service request and service response - then there are the HTTP request and HTTP response. You may want to review the following articles to get some of the concepts and terms clarified (to help communication in this thread):

Asynchronous operations and Web services, Part 2
Asynchronous operations and Web services, Part 1: A primer on asynchronous transactions

Looks to me that you are running a "Request/reply operation with posting" setup.
If that is true your client's Service request will start with an HTTP request to your web site/service and ends with an HTTP response (marked as a Reply in the above article) returned from your web site/service to your client.


I think what I am more worried about is what do I do to make sure I recieve a request from them.


They should not assume that their service request has been received, unless they receive an HTTP response (Reply) from your service indicating the request has been successfully received. Ideally that reply will contain a service request correlation id which they store and you log in case of any future problems. They should not assume that you received the service request if:
  • The did not get an HTTP response (in effect the service request is incomplete).
  • They received an HTTP response code other than 200 OK or 202 accepted.
  • The response they received contained a SOAP fault (This is usually associated with a 500 Internal Server Error response code anyway).

  • One of the parameters that are in wsdl document is userId. I assume this id is being sent by the client so we can identify him.


    One thing I don't see you mentioning is the WSDL of your web service, the one that your client is sending the service requests to. That WSDL would tell you if and where that user ID is supplied.


    The solution is that he will going to send us a different Id and thats how we'll know it came from another server so when we are done processing we will send a response back to this second server not the first one


    That requires that you have a previously agreed on user ID to service response destination mapping. I presume they do not want to include the service response destination in the service request for security reasons?

    In any case you should be able to configure the endpoint address for your service response with the javax.xml.rpc.Stub API on the JAX-RPC generated stub that you are using. Call the _setProperty(String name, Object value) in the Stub interface to set the ENDPOINT_ADDRESS_PROPERTY property.
    [ November 10, 2005: Message edited by: Peer Reynders ]
     
    Muhammad Imad Qureshi
    Ranch Hand
    Posts: 238
    • Mark post as helpful
    • send pies
      Number of slices to send:
      Optional 'thank-you' note:
    • Quote
    • Report post to moderator
    Hi
    Thank you so much for your detailed reply and also thanks to Ulf Dittmer for continuously trying to help me.

    I am right now reading the articles you provided the link for. Here is the code for my RSAN Communicator class. This might give you some idea. Whenever we get a request from first server the first method that is called is launch session and this method is configured in wsdl document (configured -- I dont know if this is the right terminology).

    I am not able to paste the code but I can tell you the methods being used.

    From Call class following methids are used.

    call_CONFIRM_RECIEPTt.setTargetObjectURI("http://www.roamsecure.net/R911#confirm_receipt");
    callConfirmReciept.setMethodName ("confirm_reciept");

    call_Accept_Canned_Reply.setTargetObjectURI("http://www.roamsecure.net/R911#accept_canned_reply");
    call_Accept_Canned_Reply.setMethodName ("accept_canned_reply");

    call_CONFIRM_RECEIPT.setEncodingStyleURI(Constants.NS_URI_SOAP_ENC);
    call_ACCEPT_CANNED_REPLY.setEncodingURI ( Constants.NS_URI_SOAP_ENC);
    then set params for both.

    and then call invoke method on both.

    I hope now you have a fair idea of what is happening.
    Thanks again
    Imad
     
    Muhammad Imad Qureshi
    Ranch Hand
    Posts: 238
    • Mark post as helpful
    • send pies
      Number of slices to send:
      Optional 'thank-you' note:
    • Quote
    • Report post to moderator
    Onr more thing to add is that there are no stub classes. I see none in my project or even in any folder. I have searched in my prject folder in file system and i dont have any stub class.

    Thanks
    Imad
     
    Peer Reynders
    Bartender
    Posts: 2968
    6
    • Mark post as helpful
    • send pies
      Number of slices to send:
      Optional 'thank-you' note:
    • Quote
    • Report post to moderator
    Going by the method names used it looks like you are using the org.apache.soap.rpc.Call from the Apache SOAP project, which I think has been replaced in the client-side Axis API with org.apache.axis.client.Call.
    However it looks like these calls are all going to www.roamsecure.net/R911

    Originally posted by Muhammad Imad Qureshi:
    This class has hard coded URL of this client actually three URL's.

    http://test1.roamalert.net/webservices/r911_reply.cgi
    http://www.roamsecure.net/R911#confirm_receipt
    http://www.roamsecure.net/R911#accept_canned_reply

    Now the client says he wants another server(or machine as you said) to be able to send alerts to our system. This new machine will going to have the following URL

    http://test2.roamalert.net/webservices/r911_reply.cgi

    rest two url's he says dont matter.


    So really the destination of your Service Response does not change. The issue is can a service request come from another server? In principle there is nothing restricting the origin of a service request to a web service unless something was put in place by your organization. Normally this is handled through some kind of user authentication process so that the user/client can make a request from anywhere. With more stringent restrictions in place, the access to the web service could be restricted to a certain machine - that however is not handled by the web service - that is handled by the web server hosting the web service by applying an IP address filter. So in essence you need to add the test2 server to the IP address filter (if one is in place) of the web server that hosts your web service that receives the service request from your organization's client. How IP filtering is accomplished depends on the web server you are using. IIS on XP doesn't have the capability (IIS on the server versions does) but someone may have written/bought an ISAPI filter to accomplish this. And with the Apache HTTP server its most likely done with the mod_access module (1.3,2.0).

    Originally posted by Muhammad Imad Qureshi:
    Onr more thing to add is that there are no stub classes.


    That's because your setup seems to be using Apache WS-SOAP, not Apache Axis JAX-RPC.
    [ November 11, 2005: Message edited by: Peer Reynders ]
     
    Muhammad Imad Qureshi
    Ranch Hand
    Posts: 238
    • Mark post as helpful
    • send pies
      Number of slices to send:
      Optional 'thank-you' note:
    • Quote
    • Report post to moderator
    Thank you so much for your help. I have asked the client to send me a message from test2.roamalert.net but he has not done it yet. All I have asked him is to chnage the user which I think should not even matter. But thank you so much for your so much detailed replies.

    I might post something if a problem occurs once we have started testing it.
    Thanks again man.
    Imad
     
    reply
      Bookmark Topic Watch Topic
    • New Topic