SOA Introduction SOA Security

Document Sample
SOA Introduction SOA Security Powered By Docstoc
					SOA Security/Infrastructure and
SOA Design Workshop

    605.702 Service Oriented Architecture
    Johns-Hopkins University
    Montgomery County Center, Fall 2011
    Session 10: November 16, 2011
    Instructor: T. Pole
   Homework Requirements Review
   SOA Design Workshop
       Additional Functionality
       Additional Business Processes
       Organizational Agility & Process Reengineering
   SOA Security and Infrastructure
       Moved to November 30 Lecture
       Ch 15: Enterprise Service Bus (ESB) with BizTalk
        Server and Windows Azure
       Ch 16: Windows Azure Platform AppFabric Service
       Ch 17: SOA Security with .Net
Homework Requirements Review
   Each Homework builds on the previous ones
   This will be a view of all the homework as one multi-part
       HW 1: Building a .Net SOAP Service
       HW 2: Designing and Implementing the Automation to Support a
        business Process
       HW 3: Designing and Building a SOA that Supports Automation
        of Several Business Processes
       HW 4: Business Process Improvement Through Improving the
        Automation that Supports it
       HW 5: Testing & Enhancing Organizational Agility of Your SOA
HW 4 Summary
   Homework #4
   Improve functionality of your solution using fully functional legacy
    components (Demo)
   Update design as needed, for whatever changes you make related
    to other requirements
   Add functionality into your services that can improve or expand the
    automation support your Homework #3 solution provided
   Explain the changes you’ve made (short accompanying paper, 1-2
    pages probably) to improve the automation support
   Other than automating steps that may now be manual, do NOT
    change the business processes
   Complete DLL’s with source code and example test driver will be
    supplied 11/9/2011
HW 5 Business Process Reengineering

   Resulting from an external (to our class)
    Business Process Reengineering activity
   We, the IT department were only consulted
    on but were not an integral part of the BPR
   Now, we must react to those business
    process changes to demonstrate how our
    SOA allows us to be a agile organization.
HW5 Changes to Accounts Payable
   BP1: Accounts Payable – process a bill to be paid
   Previous Process
    1.   Bill is received through mailroom and scanned, or submitted directly by customer
         as electronic document.
    2.   Bill and metadata is entered into financial document tracking system (FDTS) by
         accounting clerk (AC)
    3.   AC enters invoice for approval to the Document Approval System (DAS), with
         invoice as attachment, requiring signatures from relevant account manager and
    4.   After approval DAS notifies AC via AC’s dashboard
    5.   AC enters approved invoice into Full Charge Accounting System (FCAS) which
         either generates electronic payment or prints paper check (based on payees
         preference in their accounting profile)
   Changes
        Steps 2 & 3 are integrated. AC enters information, including metadata into user
         interface, and it is entered into both FDTS and DAS.
        Step 4 & 5 are integrated, and fully automated, DAS notifies AC and asks for
         approval, then enters approved invoice into FCAS
HW5 Changes to Payroll
   BP3: Payroll – write the weeks paychecks
   Previous Process:
    1.   Each employee or subcontractor enters their week’s hours in a Weekly Timecard
         File (WTF, a Word document template), and then enters that WTF in the DAS,
         entering their supervisor’s name as approver.
    2.   After approval, the AC enters the WTF into the FCAS
    3.   The AC, each Monday issues the command to the FCAS to generate the payroll
         for the week.
    4.   The FCAS generates direct deposit messages for each employee or
   Changes
         Step 2, when the DAS has completed getting approvals, it sends a message to
         FCAS that it has been approved, so the AC does not need to enter the WTF into
         the FCAS
        Step 4, the AC only has to enter the dates on which payroll will be generated, and
         the FCAS will do so automatically. The new functions are:
            AC enters or changes dates on which payroll will be generated
            AC can cancel a payroll generation while it is running
HW5 Changes to Order Fulfillment
   BP4: Order Fulfillment – complete an order
   Previous Process
    1.   The product delivery department receives emails from the OFS for each customer order once
         it is approved for delivery.
    2.   The product delivery department checks that all items in the order have been reserved in the
         pulls the items reserved in the ICS, and then pulls the items physically from the inventory and
         packages them for shipment.
    3.   The product delivery department then updates the ICS to show the reserved items have now
         been removed from the inventory
    4.   The product delivery department then contacts shipping to have the packages shipped to the
    5.   The product delivery department then updates the OFS to show that the order has been filled
         and shipped
   Changes
        Steps 1 & 2, The OFS will check to make sure all items have been reserved in the ICS before
         notifying the product delivery department that an order is approved for delivery. The email
         sent to them by the OFS will identify where in the warehouse each item is located.
        Step 3, the product delivery department staff now carry hand held Android devices which
         allows them to update the ICS that those items have been removed from inventory by clicking
         links embedded into the email notification the OFS sent them
HW 5 Summary
   Two Parts
       #1. Update your SOA Design (not implementation) to support
        these business process improvements
           New and/or updated operations and service
           Connections from the business process task steps to the operations that
            automate them
           Identify new and/or updates to legacy functions that will be required to
            implement the changes to your SOA design
       #2. Update your SOA Design by identifying standards based (e.g.
        WS-* extensions) that should be added to your design
           Examples:
               Where should you be using authentication in your SOAP message traffic, and what
                WS-* extensions should you use?
               Where might you use message forwarding, and what WS-* extensions should you
HW 5 Assignment
   Assigned now, November 16, 2011
   Submit to me before the next class, in two weeks, November 30
    your plan to include
       List of new and updated operations, services, and legacy in your new
        SOA design (do not need to be completed, just list them)
       List of WS-* extensions you will add to your design, and for what
        purposes are you adding them
   Final Version Due December 7, 2011, allowing you three weeks to
    work on it
       Updated Three Part Design Charts
       Paper describing the changes you have made
           Describe how the changes in the business processes required the changes you made in
            the SOA design
           Describe the changes in the legacy code that are required to support the SOA design
           Describe the use of the WS-* extension based changes you have made to your SOA
            design, and why you made those changes
SOA Design Workshop
   Initial SOA Design
     Analysis of Existing Organization
     Analysis of SOA Goals

     Design of SOA Solution

   Evolving a SOA Design
     Additional Functionality
     Additional Business Processes

     Organizational Agility & Process
Initial SOA Design
   Review Lecture #5 SOA Design Techniques
   Keep in mind that the business processes
    may, in fact probably will change, and you
    must plan ahead to achieve organizational
   White Board Exercise: “Suppliers Network
    Procurement Gateway System” B2B System
   Processes:
       Post a request for prices
       Post a response to a request for prices
Evolving a SOA Design
   You start with some of the work already done
       You update instead of create most work products
           Update the analysis of the processes, including the
           Candidate service and operation lists are not required
            unless substantial new automation must be
           For the most part, you alter existing 3 layer diagrams
           For new processes, you must create new 3 part
            diagrams, BUT…
           You will reuse the existing bottom IT layers
           You will reuse portions of existing middle SOA layers

Shared By: