Session Management for Web Services with SOAPHTTP
21.2.2.4 Disadvantages of Using Web Services with SOAPHTTP
XML format of message processing is slower; therefore, messages must be smaller or must leverage compression techniques. Inherently, HTTP is stateless retains no data between invocations; therefore, it needs an explicit login for every call, leading to performance overhead. The notion of atomic transactions with state management is not supported; workarounds are session state management, where a connection can be reused for more than one request as discussed in Section 21.2.3, Session Management for Web Services with SOAPHTTP .21.2.2.5 Important Considerations for Using Web Services with SOAPHTTP
AIA requires that the developed and deployed Web services conform to published WS-I profiles to foster interoperability. ■ Leverage WS-Security to secure message exchanges using XML Encryption and XML Signature in SOAP; alternative is using secure HTTP HTTPS. ■ Leverage WS-Addressing to insert address in the SOAP header. ■ Leverage WS-ReliableMessaging to reliably deliver messages between distributed applications in the presence of software component, system, or network failures.21.2.3 Session Management for Web Services with SOAPHTTP
To overcome the disadvantage of HTTP being stateless and unable to support atomic transactions, session management is needed. This section includes the following topics: ■ Section 21.2.3.1, Session Types ■ Section 21.2.3.2, SessionToken ■ Section 21.2.3.3, Session Pool Manager21.2.3.1 Session Types
The three types of sessions are: ■ None A new session is opened for each request and then closed after a response is sent out. ■ Stateless A new session is opened for an initial request, and the session remains open for subsequent requests. Re-login occurs automatically transparent to the user if the session is closed. UsernameToken and PasswordText must be included as SOAP headers in the initial request to open a stateless session. ■ Stateful A new session is opened for an initial request, and the session remains open for subsequent requests. Re-login does not occur automatically if the session is closed. UsernameToken and PasswordText must be included as SOAP headers in the initial request to open a stateful session. For Stateless or Stateful modes, Web services are expected to return a SessionToken in the SOAP: HEADER. This depends on the application implementation. Establishing Resource Connectivity 21-721.2.3.2 SessionToken
A SessionToken is the encryption of the Session ID, UserToken, plus PasswordText. For each Stateless or Stateful call, an updated SessionToken is returned. This is as a safety measure against replay attacks. The process of updating the SessionToken does not close the session. Therefore, for the next call with the updated session token there is no re-login. The session remains open. The Session is closed when a call is posted with a Session Type set to None or a timeout occurs. After a second call you have two Session Tokens: the one returned on first call and the updated one from the second call. At this point either of these SessionTokens can be sent for a third call which returns a third SessionToken. Posting a call with Session Type set to None terminates the Session ID, so all these Session Tokens become invalid. URL and SOAP Header for the Siebel Application Examples Example 21–1 , Example 21–2 , and Example 21–3 provide the URL and SOAP header for the Siebel application examples. Example 21–1 URL for Calling the Siebel Application and Passing Login Information in the SOAP Header http:sdcp1952i028.corp.siebel.comeai_enustart.swe?SWEExtSource= SecureWebServiceSWEExtCmd=ExecuteWSSOAP=1 The SOAP header looks like this: Example 21–2 SOAP Header soapenv:Header UsernameToken xmlns=http:siebel.comwebservicesrreddyUsernameToken PasswordText xmlns=http:siebel.comwebservicesrreddyPasswordText SessionType xmlns=http:siebel.comwebservicesStatelessSessionTypesoapenv:Header The response looks like this: Example 21–3 Response to SOAP Header SOAP-ENV:Header siebel-header:SessionToken xmlns:siebel-header=http:siebel.comwebservices0f2cnvf0Ii5qsp-zk- SEyjl2p0JD-QdYLt1LYvARXQMZfAL9YL.THekJHI1cVjZbBGQckQN. cIfOGPKWKwUd6E0D4LD.VS.CKWsXw...siebel-header:SessionToken SOAP-ENV:Header21.2.3.3 Session Pool Manager
For business integration flows that require a high number of concurrent request-response calls to applications, AIA recommends that you send and receive session token information rather than sending user credentials on each call. ■ The Session Pool Manager is a service that manages a pool of session tokens to be reused for subsequent requests. ■ The sessions are persisted either in memory or in a database. ■ The login credentials and URLs are configured by an administrator in the Session Pool Manager. 21-8 Developers Guide for Oracle Application Integration Architecture Foundation Pack The implementation of the Session Pool Manager is application-specific, taking into consideration the Web service framework implementations.21.2.4 Error Handling for Web Services with SOAPHTTP
Parts
» Oracle Fusion Middleware Online Documentation Library
» How to Use the AIA Development Guide Introduction to Project Lifecycle Workbench
» Select a Service Type value: Requestor ABCS, Provider ABCS, Enterprise
» Use the query criteria in the Search area to locate the service solution component
» How to Set Up Environments to Enable Design-Time Harvesting
» Introduction to Bills of Material
» How to Generate a Bill of Material for an AIA Lifecycle Project
» How to View a Bill of Material for an AIA Lifecycle Project
» Introducing Project Lifecycle Workbench Seed Data
» Introduction Oracle Fusion Middleware Online Documentation Library
» Input for Deployment Plan Generator Executing Deployment Plan Generator
» Deploying New or Custom Built Artifacts
» Undeploying Services Oracle Fusion Middleware Online Documentation Library
» Understanding the ODIBOM.xml File
» Understanding the ODI Deployment Plan
» Understanding the Service Annotation Element
» Understanding the Reference Annotation Element Understanding the TransportDetails Element
» How to Annotate the Service Element in a Requester ABCS Composite
» How to Annotate the Service Element in Composite Business Process Composite
» Understanding EBS Types Working with the Enterprise Business Service Library
» Understanding Design Guidelines Understanding Design Considerations
» Creating Routing Rules Working with Message Routing
» Routing at the EBS Guidelines for EBS Routing Rules
» How to Implement Fire-and-Forget Pattern with EBS One-Way Calls Creating EBS WSDLs
» How to Implement the Request-Delayed Response Pattern with the Two One-Way Calls of the EBS
» ABCS Types Introduction to ABCS
» Defining the Role of the ABCS
» Constructing ABM Schemas Analyzing the Participating Application Integration Capabilities
» Introduction to MEPs Choosing the Appropriate MEP
» Outbound Interaction with the Application
» Using BPEL for Building ABCS
» Prerequisites Constructing an ABCS
» ABCS as a Composite Application How Many Components Need to Be Built
» How to Construct the ABCS Composite Using JDeveloper Developing the BPEL Process
» How to Create References, Services, and Components Moving Abstract Service WSDLs in MDS
» Setting Correlation for the Asynchronous Request-Delayed Response MEP
» Using the Programming Models for the Request-Delayed Response Pattern
» Create Invoking Enterprise Business Services
» Update Invoking Enterprise Business Services
» Delete Sync Invoking Enterprise Business Services
» Validate Invoking Enterprise Business Services
» Process Invoking Enterprise Business Services
» Query Invoking Enterprise Business Services
» Introduction to Enabling Requester ABCS for Extension
» Introduction to Enabling Provider ABCS for Extension
» How to Design Extensions-Aware ABCS
» Designing an ABCS Composite with Extension Defining Service at Extension Points
» How to Specify a Concrete WSDL at Deployment Time
» Interfacing with Transport Adapters
» How to Develop Transport Adapters When to Put Adapters in a Single Composite
» How to CAVS Enable the Requester ABCS Introduction to the CAVSEndpointURL Value Designation
» How to Ensure Transactions in AIA Services
» Transactions in Oracle Mediator Transactions in BPEL
» Developing ABCS to Participate in a Global Transaction How to Transaction-Enable AIA Services
» Guidelines for Versioning Versioning ABCS
» Introduction to Enterprise Business Flows
» How to Implement the EBF as a BPEL Service Overview of B2B Integration Using AIA
» B2B Support in AIA Error Handling Framework
» How to Identify the B2B Document Protocol
» How to Identify the B2B Document Type and Definition
» How to Identify the EBO, EBS, and EBM to Be Used How to Design Mappings for the B2B Document
» Introduction to a Provider B2B Connector Service How to Identify the Message Exchange Pattern
» How to Develop a B2BCS Service Contract
» How to Annotate B2B Connector Services
» How to Support Trading Partner-Specific Variants
» How to Enable Error Handling
» How to Route Based on Trading Partner B2B Preferences
» How to Test Using CAVS How to Test Using Dummy Trading Partner Endpoints
» Monitoring Using Oracle B2B Reports Monitoring Using Oracle Enterprise Manager Console
» How to Support Trading Partner-Specific Variants How to Enable Error Handling
» If an additional target is needed, click the Additional Target button on the Service
» Optionally, click the Save As button to save a service solution component request Click Finish.
» Updating SOA MDS with AIA MetaData Using MDS in AIA Content of AIA_HOMEAIAMetaData
» Working with AIA Components Content in AIA_HOMEAIAMetaData
» How to Change an Existing File How to Create a New File
» Introduction to the Tools Used
» Understanding Integration Styles with Integration Framework
» Bulk Data Processing Integration Style Choice Matrix
» Identifying the EBO Designing an Oracle AIA Integration Flow
» Enter your search criteria and click Search to execute a search for a particular
» Inbound Connectivity Outbound Connectivity
» When to Use Web Services with SOAPHTTP
» Session Management for Web Services with SOAPHTTP
» Error Handling for Web Services with SOAPHTTP
» Security for Web Services with SOAPHTTP Message Propagation Using Queues or Topics
» Ensuring Guaranteed Message Delivery When to Use JCA Adapters
» Outbound - Siebel Application Interaction with AIA Services Web Services with SOAPHTTP
» Inbound: E-Business Suite Application Interaction with AIA Services Concurrent Program Executable
» Business Event Subscription JCA Connectivity Using OAPPS Adapter
» Outbound: Oracle E-Business Suite Application Interaction with AIA Services
» Testing an Oracle AIA Integration Flow Design Guidelines
» Initial Data Loads High Volume Transactions with Xref Table Intermittent High Volume Transactions
» Using Error Handling Oracle Fusion Middleware Online Documentation Library
» Click OK to save your changes. Click the Generate and Deploy tab to deploy it on the OC4J server.
» Considerations for Creating Transformation Maps Handling Missing or Empty Elements
» How to Map an Optional Source Node to an Optional Target Node How to Load System IDs Dynamically
» Introduction to DVMs When to Use DVMs Using Cross-Referencing
» Standard Elements Introducing EBM Header Concepts
» Sender Introducing EBM Header Concepts
» Target Introducing EBM Header Concepts
» BusinessScope Introducing EBM Header Concepts
» Use Case: Request-Response Use Case: Asynchronous Process
» Use Case: Synchronous Process with Spawning Child Processes
» EBMTracking Introducing EBM Header Concepts
» Understanding Oracle BPEL Error Handling Understanding Oracle Mediator Error Handling
» What Do I Need to Know About Fault Policy Files
» How to Implement Fault Handling in BPEL Processes
» Guidelines for Defining Fault Policies
» Guidelines for BPEL Catch and Catch-All Blocks in Synchronous Request-Response
» Guidelines for Configuring Mediator for Handling Business Faults
» Overview Implementing Error Handling for the Synchronous Message Exchange Pattern
» Configuring Milestones Implementing Error Handling for the Synchronous Message Exchange Pattern
» Configuring Services Between Milestones
» Describing the EBMReference Element Describing the B2BMReference Element
» Describing the FaultNotification Element
» Introduction to Extending Fault Messages
» In the Error Extension Handler field on the Error Notifications page, enter the
» Introduction to Extending Error Handling Implementing an Error Handling Extension
» Synchronous Request-Reply Pattern: How to get Synchronous Response in AIA
» Asynchronous Fire-and-Forget Pattern AIA Message Processing Patterns
» Guaranteed Delivery Pattern: How to Ensure Guaranteed Delivery in AIA
» Service Routing Pattern: How to Route the Messages to Appropriate Service Provider in AIA
» Extending Existing Schemas in AIA
» Extending AIA Services Extending Existing Transformations in AIA
» Enabling Security for AIA Services
» Overriding Policies Using a Deployment Plan Testing Secured Services using CAVS
» Oracle AIA Recommendations for Policies
» AIA Security Configuration Properties
» Understanding the Structure for Security Context Using Attribute Names
» Interpreting Empty Element Tags in XML Instance Document
» Purging the Completed Composite Instances Syntactic Functional Validation of XML Messages
» Provide Provision for Throttling Capability Artifacts Centralization Separation of Concerns
» Adapters Inside ABCS Composite OR as Separate Composite AIA Governance
» Using BPEL as Glue, Not as a Programming Language
» Avoiding Global Variables Wherever Possible
» How to Use Baselines How to Handle Resource Saturation How to Use Proactive Monitoring
» How to Eliminate Bottlenecks
» How to Tune the Oracle Database Introducing Automatic Workload Repository
» Configuring Performance Related Database Initialization Parameters
» Tuning Redo Logs Location and Sizing Automatic Segment-Space Management ASSM
» Configuring Database Connections and Datasource Statement Caching
» Oracle Metadata Service MDS Performance Tuning
» Configuring SOA Infrastructure Properties
» Configuring BPEL Process Service Engine Properties
» Configuring BPEL Properties Inside a Composite
» Configuring Mediator Service Engine Properties
» How to Tune JMS Adapters How to Tune AQ Adapters
» Overview of AIA Error Handler Framework Purging the Completed Composite Instances
» How to Optimize the JVM Heap - Specifying Heap Size Values
» XML Naming Standards General Guidelines
» Composites Composite Business Process Enterprise Business Services
» Requester Application Business Connector Service Provider Application Business Connector Services
» DVMs DVMs and Cross References
Show more