View
35
Download
3
Category
Tags:
Preview:
DESCRIPTION
Dyalog’08. Conga, SSL and WebServices. Morten Kromberg Dyalog’08 - Elsinore. Agenda. Demo / Introduction to: Conga – for remote communication Secure Communication using SSL/TLS The ”Stand Alone Web Service” (SAWS). Conga - Introduction. - PowerPoint PPT Presentation
Citation preview
Conga, SSL & WebServices Dyalog’08 3
Agenda
• Demo / Introduction to:
• Conga – for remote communication• Secure Communication using SSL/TLS• The ”Stand Alone Web Service” (SAWS)
Dyalog’08 4
Conga - Introduction
• Replaces TCPSocket Objects as the PREFERRED tool for communications
• TCPSocket Objects are very general and close to the TCP Protocol
• Most APL applications only use a small subset of the features of TCP
• APL’ers have trouble opening & closing connections and handling errors ”correctly”
• ⎕DQ makes TCPSockets interfere with GUI and multi-tier applications are very hard to code
Conga, SSL & WebServices
7
Conga - Summary
• Easier to use than TCPSocket objects: More reliable applications
• Supports multi-tier, multi-threaded applications very well
• Supports ”Secure” Communications• Many coding samples: Web Client, Web
Server, RPC Server, FTP Client, Time Of Day Server – including Secure Samples
Conga, SSL & WebServices Dyalog’08
Secure Communication
• From version 12.0.3 (August 2008), Conga supports secure communication via TCP/IP using SSL/TLS:
• Messages can only be read by the intended recipient
• The identity of your ”Peer” can be verified
• Messages cannot be modified en route
8Conga, SSL & WebServices Dyalog’08
9
SSL / TLS
• ”Transport Layer Security” (TLS) replaces old term ”Secure Socket Layer” (SSL)
• Each user (or ”endpoint”) needs:– A public certificate– A private key– And a collection to ”root certificates”
from ”certificate authorities”
Conga, SSL & WebServices Dyalog’08
TLS / SSL – How it works?• You send your Public Certificate to
everyone you want to talk to• You keep your Private Key Secret!• Information encoded with one of the
above can be decoded using the other• Allows encrypted communication which
cannot be tampered with or falsified• (If you trust the ”Certificate
Authorities”)10Conga, SSL & WebServices Dyalog’08
Certificate Authorities
• A User Certificate is ”signed” using the private key of a Certificate Authority (CA)
• Each CA issues a ”Root Certificate” which can be used to validatea User Certificate
• Companies can alsoissue own certs forinternal use
11Conga, SSL & WebServices Dyalog’08
Using TLS from APL ...
• Any sufficiently advanced technology is indistinguishable from magic.
... Arthur C Clarke (1961)
• In other words: It’s easy ... Let’s take a look
12Conga, SSL & WebServices Dyalog’08
14
TLS Summary
• With Conga, Dyalog applications can easily use secure services over the network
• Web Services or Web Servers written in APL can also be secured
Conga, SSL & WebServices Dyalog’08
Service Oriented APL• Many APL applications are well suited to
being converted into ”services”• This makes them very easy to integrate into
almost any modern application• Can make IT managers and users of other
languages more comfortable about APL• We believe that SOA opens up many new
avenues for APL-based services• (using other peoples services is also nice )
15Conga, SSL & WebServices Dyalog’08
Web Services
• The most widely used mechanism for implementing ”SOA”
• Supported by Microsoft, Unixes, Mainframes – just about any web development tool
• Wikipedia: ”Communication over a network using XML messages that follow the SOAP standard”
16Conga, SSL & WebServices Dyalog’08
WS Protocols: SOAP
• SOAP: ”Simple” Object Access Protocol (not)
• <?xml version="1.0"?><SOAP-ENV:Envelope SOAP-ENV:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/" xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/" xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <SOAP-ENV:Body> <GetStats xmlns="http://localhost/MyWebService/"> <Input>1 2 3 4 4</Input> </GetStats> </SOAP-ENV:Body></SOAP-ENV:Envelope>
17Conga, SSL & WebServices Dyalog’08
19
Introducing SAWS
• Stand-Alone WebService Framework• Our goal is to make it VERY easy for APL
users to use AND provide ”SOA” components
• Anyone who is able to write an APL function should be able to:– Call existing Web Services– Publish APL functions as Web Services
• SAWS manages the SOAP and WSDLConga, SSL & WebServices Dyalog’08
20
Calling WebSevices
• More and more Public Web Services are available on the internet
• The number is growing rapidly• You can Google for them...
Conga, SSL & WebServices Dyalog’08
Providing Web Services
• Any APL Application can be turned into a WebService using SAWS
• You should provide information that SAWS can use to build the WSDL
• SAWS handles the rest
24Conga, SSL & WebServices Dyalog’08
SAWS Summary
• Provides complete support for ”consuming” and ”providing” Web Services
• ... without requiring installation of infrastructure components like Microsoft IIS, Apache, IBM WebSphere
• SAWS also exposes a web page as documentation
33Conga, SSL & WebServices Dyalog’08
Dyalog’08 35
Summary
• ”Service Oriented Architectures” can help APL integrate with most IT infrastructures
• ”Stand-alone” web servers and services are very easier to test AND deploy
• Now they are easily secured, they may be all you need for many applications
• (In some situations, there will be still be good reasons to integrate with IIS / Apache etc)
Conga, SSL & WebServices
Recommended