WebSphere Commerce Web Services

WebSphere Commerce
WebSphere Commerce
Web Services
A WebSphere Commerce Presentation
Roy Leung
Farzana Anwar
Joshua Koudys
March 11, 2008
© 2008 IBM Corporation
WebSphere Commerce
Agenda
Introduction to Web service
WCS Web service architecture
Web service tooling
Problem Determination
2
March 11, 2008
© 2008 IBM Corporation
WebSphere Commerce
Web service flow
Service
Description
h
AP
SO
AP
s
bli
Pu
SO
Fin
d
Service
Broker
Create
Description
Service
Service
Requester
3
SOAP
Service
Provider
Bind/Invoke
March 11, 2008
© 2008 IBM Corporation
WebSphere Commerce
Web Service in WebSphere Commerce
IBM describes 4 phases of SOA adoption:
– 6.0.0.0 classic web service
– Feature pack 1 and 2: SOI
– Feature pack 3: SOA (BOD programming model)
4
March 11, 2008
© 2008 IBM Corporation
WebSphere Commerce
How to develop a J2EE-Compliant Web Service
Client-side
– Getting WSDL
– Coding
•
Web service Client
– Client side XML descriptors
•
•
Web application XML
JAX-RPC mapping file
– Deployment
Service
Requester
5
Server-side
– Coding
•
•
Service Endpoint Interface
Implementation
– Server side XML descriptors
•
•
•
•
WSDL definition
JAX-RPC mapping file
Web application XML
WebServices XML
Service
Provider
March 11, 2008
© 2008 IBM Corporation
WebSphere Commerce
WCS Web Service > Artifacts
Standard Server-side:
– Coding
•
•
– Coding
Service Endpoint Interface
Implementation
•
•
Implementation
JSP response composition page
– Server-side XML descriptors
– Server-side XML
descriptors
•
•
•
•
WCS Server-side:
WSDL definition
JAX-RPC mapping file
Web application XML
WebServices XML
•
•
•
WSDL definition
Web application XML
WebServices XML
– WCS-specific XML descriptors
•
•
•
Service_mapping.xml
webservice_SOABOD_template.extensio
n.xml
Struts (struts.config-webservices.xml)
Text = generated automatically by RAD tools
6
March 11, 2008
© 2008 IBM Corporation
WebSphere Commerce
WCS Web Service > Execution Sequence
WAS
SOAP Message
SOAP Message
WCS Web Service Router
WCS web
service engine
2
WCS has a generic interception point
(SEI) for Web service.
Retrieve credential and activity from
SOAP header.
Convert SOAP body into name-value
pairs, and then package the pairs into a
command property.
Identify command to execute
Run the command.
Upon completion, use JSP composition
service to create a response (in XML)
WCS handles marshalling XML into
SOAP message and sends message
back.
XML document
Resolving
credential and
activity
Converting
SOAP body into
name-value pair
WAS intercepts the incoming SOAP
message encapsulated with command
to execute and data.
1
WAS web service
engine
7
3
Command
Property
Mapping to
controller
command
4
6
Executing the
command
5
XML (JSP)
document
Using the JSP
composition
service to create
a response
7
March 11, 2008
© 2008 IBM Corporation
WebSphere Commerce
WCS Web Service > Message Mappers
A message mapper is a mechanism that takes an XML message
and converts it to a CommandProperty object.
The CommandProperty object is a representative of a controller
command. The object contains the command name to be
executed, the command properties when executing the command,
and the parameters of the command.
The mapper is defined on WCS Instance XML file.
ECSAXMessageMapper – Web service mapper
8
March 11, 2008
© 2008 IBM Corporation
WebSphere Commerce
WCS Web Service > Message Mapping template
– WCS has extended the message mapper declaration to include a file
for extensions called webservice_SOABOD_template.extension.xml
(under xml/messaging)
– You can update this file to easily include your own extensions, and this
will allow you to easily create your own message mapper file.
9
March 11, 2008
© 2008 IBM Corporation
WebSphere Commerce
JSP composition
Based on XML Schema, generate a XML template.
Add required JSP element
10
March 11, 2008
© 2008 IBM Corporation
WebSphere Commerce
WCS Web Service > DynaCache w. JSP response
The response of the Web service request is
composed by a JSP page
It is possible to use WebSphere® Dynacache to
provide full page or fragment caching of Web service
responses.
– E.g. see “Defining an inbound Web service” Step 8.
http://publib.boulder.ibm.com/infocenter/wchelp/v
6r0m0/topic/com.ibm.commerce.webservices.doc
/tutorial/twvinboundws8.htm
11
March 11, 2008
© 2008 IBM Corporation
WebSphere Commerce
WCS Web Service > JMS
Web service engine is not implemented by a servlet any longer, but
by a MDB listening to a specific destination.
JMS support for Web services is not enabled by default. To enable,
– Define JMS resources – WebSphere MQ queue connection factory and
WebSphere MQ queue destination.
– Define Messaging Listening port
– Define JMS message driven bean (WebServiceJMSRouter)
Reference:
http://publib.boulder.ibm.com/infocenter/wchelp/v6r0m0/topic/com.ibm.co
mmerce.webservices.doc/tasks/twvenablejms.htm
12
March 11, 2008
© 2008 IBM Corporation
WebSphere Commerce
WCS Web Service > Security
By default, all requests are given the authentication of generic
user (id = -1002).
WS-Security basic authentication:
– User credentials are attached to SOAP header.
– Recommended to use in conjunction with HTTPS.
13
March 11, 2008
© 2008 IBM Corporation
WebSphere Commerce
WCS Web Service > Activity token
Activity token: an identifier for an activity which
spans multiple requests and transactions.
– Begins when a user logs on to the site and ends when a
user logs off.
– WCS Web service framework leverages the custom
token pluggable architecture in WAS Web service engine
to place the activity token into the SOAP header of the
request.
Tracing: WC_SERVER
14
March 11, 2008
© 2008 IBM Corporation
WebSphere Commerce
WCS Web Service > Activity token
To keep track of session with activity token, follow the steps below:
– Generate the Client Stubs for the WSDL found in the following toolkit
directory:
• wc.modules\wars\EnablementBusinessContextWebServicesRouter.war\wsdl\BusinessContextServiceWra
pper.wsdl
– Create an utility class to manage the activity token.
– Create a JAX RPC handler that will be registered to the client Web
service proxy objects.
– Create a client to make the client request.
15
March 11, 2008
© 2008 IBM Corporation
WebSphere Commerce
WCS Web Service > Security
– WebSphere Commerce Web service controller
• Extracts the credential from the SOAP header
• Call the business context service to begin a new session
based on the specified credential.
• Note: The activity will only exist for the lifetime of request
processing. It will be assumed that the activity is not
needed to process subsequent requests, and the activity
token will not be returned to the calling client.
16
March 11, 2008
© 2008 IBM Corporation
WebSphere Commerce
WSDL2Java
Generates Java source from a wsdl document
Equivalent to a steps run by RAD’s “generate skeleton
classes”
17
March 11, 2008
© 2008 IBM Corporation
WebSphere Commerce
Viewing the request/response
TCP Monitor can directly check contents of a SOAP
request/response
Simple problems may be solved from this alone
– fault may be returned in response indicating bad input
Check the server-side if:
– no response is returned
– a fault with a non-obvious error
To run:
java -Djava.ext.dirs=%WAS_EXT_DIRS%
com.ibm.ws.webservices.engine.utils.tcpmon
18
March 11, 2008
© 2008 IBM Corporation
WebSphere Commerce
Web service explorer
Client used to connect to
any Web service
Tool has built in list of
UDDIs
The explorer can load these
services from the UDDIs, or
direct from wsdl
xMethods.net is an
excellent repository of
public service brokers
(UDDIs)
19
March 11, 2008
© 2008 IBM Corporation
WebSphere Commerce
20
March 11, 2008
© 2008 IBM Corporation
WebSphere Commerce
21
March 11, 2008
© 2008 IBM Corporation
WebSphere Commerce
22
March 11, 2008
© 2008 IBM Corporation
WebSphere Commerce
Problem Determination
23
March 11, 2008
© 2008 IBM Corporation
WebSphere Commerce
Big-picture breakdown
Client
24
Connection
Server Cfg
Server Code
March 11, 2008
© 2008 IBM Corporation
WebSphere Commerce
Client
25
Connection
Server Cfg
Server Code
March 11, 2008
© 2008 IBM Corporation
WebSphere Commerce
Is there a working client?
WAS Issues – Bad generated javaTM
If the Web service client is running on the application server, the client code
was generated by WSDL2Java
WAS < 6.0.2.15, defective WSDL2Java breaks generating code where a
package name contains special characters, eg ‘:’
To debug:
– Check if the java package matches the directory structure
– Check the namespace listed in the wsdl for any ‘:’s
RAD uses WSDL2Java; problem applies in both RAD and Runtime
Solution:
– Upgrade WAS to 6.0.2.15 or higher
OR
– Run WSDL2Java on another working system, and import the resulting code back
26
March 11, 2008
© 2008 IBM Corporation
WebSphere Commerce
Other client problems
Likely cause is custom code
For WAS and non-WAS clients, use TCPMon
Find what’s missing in request
27
March 11, 2008
© 2008 IBM Corporation
WebSphere Commerce
Client
28
Connection
Server Cfg
Server Code
March 11, 2008
© 2008 IBM Corporation
WebSphere Commerce
“Let’s verify that Commerce Web services are reachable”
Endpoint URL for an OOB service:
https://hostname:8000/webapp/wcs/services/PaymentServices
URL for the customer’s service:
https://hostname:8000/webapp/wcs/services/CustServiceName
WSDL is bound similarly:
https://hostname:8000/webapp/wcs/services/CustServiceName/wsdl
On Toolkit, substitute http://hostname/
29
March 11, 2008
© 2008 IBM Corporation
WebSphere Commerce
A friendly response.
30
March 11, 2008
© 2008 IBM Corporation
WebSphere Commerce
Plugin doesn’t know where WebServicesRouter.war is 1/2
31
March 11, 2008
© 2008 IBM Corporation
WebSphere Commerce
Plugin doesn’t know where WebServicesRouter.war is 2/2
<UriGroup Name=“VH_instance_Tools”>
<Uri Name =“/webapp/wcs/tools/*”/>
<Uri Name=“/Enablement-BusinessContextWebServicesRouter/*”/>
<Uri Name “/webapp/wcs/wkspcadmin/*”/>
<Uri Name=“/Telesales-BaseWebServicesRouter/*”/>
<Uri Name=“/webapp/wcs/*”/>
</UriGroup>
Instances from WAS 6.0.2.17 to 6.0.2.19 have a missing
plugin-cfg.xml entry
Problem resolved if WAS APAR PK40514 was installed
before instance creation
Workaround is direct update of plugin-cfg.xml
Permanent solution is to export + update
WebServicesRouter.war
– Default context-root is /webapp/wcs.
32
March 11, 2008
© 2008 IBM Corporation
WebSphere Commerce
The service to be reachable on a different port/non-SSL
33
March 11, 2008
© 2008 IBM Corporation
WebSphere Commerce
Client
34
Connection
Server Cfg
Server Code
March 11, 2008
© 2008 IBM Corporation
WebSphere Commerce
Server Configuration Issues
Often the most difficult to debug
Problem’s here if:
– Server is reachable
– Service code is not executed
35
March 11, 2008
© 2008 IBM Corporation
WebSphere Commerce
WAS Issues – NullPtr on war initialization
In WAS 6.0.2.17 or 6.0.2.19 and WCS 6.0.0.1 or higher:
[8/13/07 18:41:40:751 CDT] 00000017 WSServerImpl E WSWS1002E: Error processing Web services
deployment descriptor for module: WebServicesRouter.war with error:
java.lang.NullPointerException
at java.lang.ClassLoader.loadClass(ClassLoader.java:312)
at java.lang.ClassLoader.loadClass(ClassLoader.java:310)
at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:274)
at java.lang.ClassLoader.loadClass(ClassLoader.java:310)
at java.lang.ClassLoader.loadClass(ClassLoader.java:263)
at com.ibm.ws.classloader.ProtectionClassLoader.loadClass(ProtectionClassLoader.java:52)
at com.ibm.ws.classloader.ProtectionClassLoader.loadClass(ProtectionClassLoader.java:48)
at com.ibm.ws.classloader.CompoundClassLoader.loadClass(CompoundClassLoader.java:341)
at java.lang.ClassLoader.loadClass(ClassLoader.java:263)
36
Technote: http://www-1.ibm.com/support/docview.wss?uid=swg21256299
Fix is PK40514, or WAS 6.0.2.21+
March 11, 2008
© 2008 IBM Corporation
WebSphere Commerce
Client
37
Connection
Server Cfg
Server Code
March 11, 2008
© 2008 IBM Corporation
WebSphere Commerce
Server code
To see incoming request:
– WC_SERVER for HTTP
– WC_TRANSPORT_ADAPTER for MQ
Unexpected values in response
Exception stack includes service code
Can debug like any non-Web service issue
Usually a code problem
38
March 11, 2008
© 2008 IBM Corporation
WebSphere Commerce
Security
Common mistake – LogonCmdImpl called in the
Web service code
This is bad practice
Unexpected access control errors may occur:
java.lang.NullPointerException
at MigrateUserEntriesCmdImpl.migrateExperimentResult
at MigrateUserEntriesCmdImpl.performExecute
..
at LogonCmdImpl.migrateUserEntries
at LogonCmdImpl.performExecute
39
March 11, 2008
© 2008 IBM Corporation
WebSphere Commerce
Security cont’d
Correct approach is to leverage existing WSSecurity w3 standards.
<wsse:Security
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wsswssecuritysecext-1.0.xsd">
<wsse:UsernameToken>
<wsse:Username>logonId</wsse:Username>
<wsse:Password
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wssusername-tokenprofile-1.0#PasswordText">
password
</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
40
March 11, 2008
© 2008 IBM Corporation
WebSphere Commerce
Security cont’d
RAD’s Web services only updates the SOAP:Body
Security credentials are in the SOAP:Header
Development version of Eclipse allows the header to be set
To test with authentication:
Test the service with new client code
Remember:
In production, make sure https is used in the VH
– Passwords sent from the client are not encoded in any way, and
are completely reliant on SSL
41
March 11, 2008
© 2008 IBM Corporation
WebSphere Commerce
Case Study
42
March 11, 2008
© 2008 IBM Corporation
WebSphere Commerce
Original problem
43
Web service developed and working in Toolkit
After deploying to runtime, does not work
Need to determine where it fails
March 11, 2008
© 2008 IBM Corporation
WebSphere Commerce
Check hitting service endpoints
Both OOB and customer endpoints say “Hi there!”
Connection is working
Client
44
Connection
Server Cfg
Server Code
March 11, 2008
© 2008 IBM Corporation
WebSphere Commerce
Client used is Web services explorer
No security requirements
Not a client issue
Client
45
Connection
Server Cfg
Server Code
March 11, 2008
© 2008 IBM Corporation
WebSphere Commerce
No exceptions from server-side Web service code
No indication that server code is run
Client
46
Connection
Server Cfg
Server Code
March 11, 2008
© 2008 IBM Corporation
WebSphere Commerce
SystemOut.log shows:
java.lang.Exception: WSWS3034E: Error:
The OperationDesc for executeService was not matched to a method of
com.ibm.commerce.webservices.OpenWebServiceBindingImpl. Debug:name:
services/inventoryUpdateServices
Checking in WebServicesRouter.war/WEBINF/webservices.xml:
<param-type>inventory.ca.com.types.InventoryUpdateRequestType</param-type>
Valid parameter for executeService is:
javax.xml.soap.SOAPElement
Once param-type changed, service worked
Client
47
Connection
Server Cfg
Server Code
March 11, 2008
© 2008 IBM Corporation
WebSphere Commerce
Practical Implementations
48
March 11, 2008
© 2008 IBM Corporation
WebSphere Commerce
Remote Cache invalidation
Cache Entry
SOAP
49
WCS
March 11, 2008
© 2008 IBM Corporation
WebSphere Commerce
Integrating site with bricks & mortar – Gift Registry
Web Page
Gift
SOAP
50
WCS
March 11, 2008
Registry
© 2008 IBM Corporation
WebSphere Commerce
Legacy Catalog
Web service
WCS
SOAP
Legacy
Catalog
51
March 11, 2008
© 2008 IBM Corporation
WebSphere Commerce
Resources
W3 Web services technical documentation:
http://www.w3.org/2002/ws
WCS Tutorials:
http://publib.boulder.ibm.com/infocenter/wchelp/v6r0m0/topic/com.ibm.commerce.base.doc/misc/movmno_
topic.htm
Redbook:
Web Services Handbook for WebSphere Application Server Version 6.1
WAS MustGather:
http://www1.ibm.com/support/docview.wss?rs=180&context=SSCR4XC&q1=MustGatherDocument&uid=swg21198363&loc=e
n_US&cs=utf-8&lang=en
52
March 11, 2008
© 2008 IBM Corporation
Download PDF