By now you should have a good initial understanding of all the key components which make up the Oracle SOA Suite. Typically, we will find that once someone has an initial grasp of the various components, one of the next questions we get is:
What is the best way to combine/use all of these different components to implement a real world SOA solution?
Answering this question is very much the focus of this section. To do this we have built a complete, all be it relatively small, SOA solution designed for an online auction site, for a fictional company called oBay (the o stands for Oracle by the way).
Each chapter in this section tackles specific areas that need to be considered when developing a SOA based solution, such as the design of the service contract, validation, error handling, message interaction patterns, and so on. To highlight and demonstrate key design considerations, each chapter uses examples based on key parts of the oBay application to illustrate what it is talking about.
This chapter introduces oBay and details the overall business requirements of the online auction site. Before looking at the overall design of the oBay application we take a step back and consider some of the key goals of a SOA based approach, such as interoperability, reusability, and agility.
Next we present you with our outline of a typical SOA architecture, and in particular pay attention to how we might want to layer our services, as well as highlight some of the key design considerations behind this.
Only when we have our blueprint for SOA, we apply it to the business requirements of oBay, and present you with its overall architecture.
oBay is a new start-up company that provides a web-based auction site for users to buy and sell items online.
Before someone can either sell or bid on items, they must first register as a user on oBay. When registering, a user will be required to provide the following information:
Name (First Name and Last Name)
Date of Birth
Address (Line 1, Line 2, City, State, Zip, Country)
Email Address
UserID
Password
Credit Card (Card Type, Number, Expiry Date)
They will also be required to accept oBay's standard terms and conditions.
As part of the registration process, the system will perform the following checks:
That the UserID is not already in use
That the user is at least 18 years of age
That the password falls within the required constraints
That for US and UK addresses, the supplied Zip Code is valid and that it matches the other details provided
That the email address is valid; this will be checked by sending the user a confirmation email to the supplied address, with a link for them to activate their account
That the credit card details provided are valid
When a user goes to their seller's page, it will list all the items they have put up for auction. By default it will be filtered to show just those items where the auction is still in progress, or the sale has yet to complete (for example, still awaiting payment or shipping).
However, the user can further refine this filter in a number of ways, for example, to show all listings in a particular state (such as awaiting payment) or all listings regardless of state.
The filter can be further qualified by specifying a time period, for example , to just show the user's listings for the last day, week, month, 90 days, 180 days, or a year.
From here they can choose to view the details of any of these items, as well as:
In addition the user may choose to list a new item, or view the status of their account.
Once a user has successfully registered with oBay, they are ready to start selling. The first step is to create a listing for the item that they want to sell. To do this, the user will need to enter the following details about the item:
Category and sub-category
Title
Description
Condition (new or used)
Confirm accepted payment methods (for example, cheque, cash, credit card, or bank transfer)
Starting price, plus an optional reserve price
Auction duration, which can be 1, 3, 7, or 10 days
An optional start time; if not specified this defaults to an immediate start
Postage description and cost
Once submitted the system will perform a number of validations on the listing, including a check that:
Values are specified for all mandatory fields
The starting price is positive and less than the reserve price (if specified)
The reserve price is above a pre-determined amount (for example $50)
The start time, if specified, is in the future
The final part of the validation is to check whether the item being listed meets the criteria for what constitutes an acceptable item; for example the item isn't one that is prohibited by law.
In addition oBay may also decide that certain items do not fit within the morals, beliefs, or spirit of oBay and therefore are also not acceptable; for example tickets for a charity rock concert.
Ideally the system is required to do an initial automated check on the listing to identify potential suspect items. If an item is flagged as suspect then a task will need to be created for an oBay administrator to check whether the item is suitable for sale.
Note
A key requirement is that the list of prohibited items is likely to be changing continually, and change may be required at very short notice so the solution must be able to cater for this.
Whether an item is acceptable is not always black and white. The solution will need to allow for questionable items to be submitted to a panel who will vote on whether to accept it or not (assuming there is a majority vote then the item will be deemed acceptable).
For valid non-questionable items, the system will calculate the listing fee and return this to the user, who can then confirm whether they wish to proceed with the listing or not. Upon confirmation, the item will be listed immediately, unless a start time has been specified, in which case the item will be held in a queue until the specified start time.
Listing fees are calculated according to the starting price (or reserve price if specified), as shown in the following table:
|
Starting or reserve price |
Listing fee |
|---|---|
|
$0.01 - $0.99 |
$0.15 |
|
$1.00 - $4.99 |
$0.25 |
|
$5.00 - $14.99 |
$0.40 |
|
$15.00 - $29.99 |
$0.75 |
|
$30.00 - $99.99 |
$1.50 |
|
$100.00 or more |
$2.00 |
If the item is suspect, the user will be informed that the listing requires manual vetting before it can be approved for listing. Upon completion of the manual vetting, the user will be informed of the result by email. If the item has been approved, the user will be informed of the listing fee and can then choose whether to proceed with the listing.
For various reasons a user may want to cancel a listing. However, whether they are permitted to do this will depend on the listing's current status. If the auction has not yet begun, either because it is still waiting approval (due to it being flagged as a suspect item) or it is a scheduled listing, then it can be cancelled and any paid fee will be refunded.
Note
If the listing was awaiting approval then any outstanding tasks will need to be cancelled automatically.
However, if the auction has begun, then it can be cancelled up to 12 hours before the end of the auction; unless it has no bids against it. In this case, it can be cancelled any time and the listing fee will not be refunded.
The auction will end automatically after the specified duration. The user with the highest bid (subject to it meeting the reserve price if specified) will be declared the winner.
Once completed, the listing will proceed through the following steps to complete the sale:
Specify shipping details: The winning bidder will be notified by email and requested to provide details of where the item is to be delivered to as well as any preferences for postage. An email will be sent to the seller containing the shipping details.
Invoice buyer: The seller will invoice the buyer for the winning amount, plus postage. An email will be sent to the buyer containing details of the invoice.
Make payment: The buyer will then be required to pay the seller via a method accepted by the seller (note that this is done outside of oBay). Once done the buyer will update the status of the item to indicate that they have made the payment. An email will be sent to the seller to inform them that the payment has been made.
Confirm receipt of payment: The seller, on receipt of the payment, will update the status of the item accordingly. An email will be sent to the buyer to inform them that the seller has received the payment.
Ship item: After receiving payment the seller will pack and ship the item to the buyer; again they will update the status of the item to indicate that it has been shipped. An email will be sent to the buyer to inform them that the item has been dispatched.
Receive item: Upon receipt of the item, the buyer will record the fact that they have received the item. An email will be sent to the seller to inform them that it has been received.
Upon successful completion of the sale, a seller's fee, based on the final price as set out in the following table, will be charged to the seller's account.
|
Sale price |
Seller's fee |
|---|---|
|
$0.01 - $50.00 |
5% of the sale price |
|
$50.01 - $1000.00 |
$1.00 plus 3% of the sale price |
|
More than $1000.00 |
$16.00 plus 1.5% of the sale price |
If there are no bids or the reserve price isn't met, the auction will just finish without a winner. In this case a seller's fee will not be charged to the seller's account.
Whenever a user lists an item they will be charged a listing fee. Upon successful sale of an item, they will be charged a seller's fee, based on the actual sale price.
Each of these charges will be billed against the user's oBay account, then on a monthly basis oBay will automatically charge the user's credit card for the outstanding amount.
When a user goes to their buyer's page, it will list all the items on which they have placed a bid. By default it will be filtered to show just those items where the auction is still in progress, but they will be able to view items on which they bid but lost.
From here the user can choose to view the details of the item, as well as place a bid if the auction is still in progress.
In addition, it will show those items that they have successfully won. By default it will only show those items where the sale is still in progress (for example, still awaiting payment or shipping). The user can further refine this by listing all items in a particular state (for example, awaiting payment) or all items regardless of state.
The filter can be further qualified by specifying a time period, for example, to just show the user's listings for the last week, month, 90 days, 180 days, or a year.
From here they can choose to view the details of any of these items, as well as perform outstanding tasks on open items (for example, specify shipping details, confirm receipt of item).
In addition, the user may choose to search for a new item on which to bid.
The first step in bidding for an item is to find something that you're interested in. oBay will provide buyers with the ability to search for items listed on oBay. The user will be able to search on a combination of Category, Sub-category, Title, and Condition.
The search will return all items that match the criteria, which will be displayed 10 items at a time.
Once a user has found an item of interest, they can view all details of it, including existing bids. They can then choose whether to place a bid.
oBay uses an auction format which lets a user bid the maximum amount they currently want to go up to. However, their bid will only be increased by a sufficient amount required to beat the current winning bid.
When the first bid is placed, it must be at least equal to the starting price set by the seller. However, regardless of the amount actually bid, the current winning bid will be equal to the starting price of the item.
After this, any future bids must be at least equal to the current winning bid plus one bidding increment, where the bidding increment is determined by the amount of the current winning bid as shown in the following table:
|
Current winning bid |
Bidding increment |
|---|---|
|
$0.00 to $1.00 |
$0.05 |
|
$1.01 to $5.00 |
$0.25 |
|
$5.01 to $10.00 |
$0.50 |
|
$10.01 to $50.00 |
$2.50 |
|
$50.01 to $100.00 |
$5.00 |
|
$100.01 to $500.00 |
$25.00 |
|
$500.01 to $1000.00 |
$50.00 |
|
and so on |
|
When a new bid is placed, oBay determines the winning bid by comparing the maximum amount of the current winning bid with the new bid; whichever is highest is determined to be the winner. However, the amount of the winning bid is determined by adding one bidding increment to the maximum amount of the losing bid.
If the calculated winning bid is greater than the maximum bid of the winning bid, then the winning bid is set equal to the maximum bid.
In the event of a tie, whoever placed the bid first is deemed to have the winning bid and the winning bid is set to their maximum bid amount.
At first glance this might sound quite complicated, so let's look at an example to clarify. If the minimum amount set by the seller is $1.00, then the winning bid would be worked out as follows:
If Bidder A places a bid of $7.00, then they would currently have a winning bid of $1.00.
If Bidder B then bids $3.00, Bidder A would still have the winning bid, but it would now be $3.25 (Bidder B's maximum bid plus one bidding increment).
If Bidder B then bids $6.99, Bidder A would still have the winning bid, but now it would be $7.00.
Finally, if Bidder B bids $10.00 then they would now be the winning bidder, with a winning bid of $7.50.
Upon placing a bid the user will be informed if they have been successful or not and the amount of the current winning bid. If successful, the previous highest bidder will be emailed to inform them that they have been outbid.
On completion of the auction, the winning bidder will be notified by email and requested to provide shipping details and any preferences on postage. Once provided they will subsequently receive an invoice from the seller, confirming the amount to pay (that is the winning price plus shipping and packing costs) and instructions on how to pay it.
Once paid, the buyer should notify the seller that they have made the payment. Once the seller has received the payments, they will then ship the item to the buyer.
Upon receipt of the item, the buyer should then notify that they have received the item.
Before we leap in and start building our service-oriented solution, let's take a moment to understand why we would want to do this. After all, we could build this application using a standard web-based architecture using tools such as Java or .NET.
We will use this section to remind ourselves of the goals we are trying to achieve, as well as to discuss the basic concepts of SOA. We then look at how we can bring this together to define a blueprint for a typical SOA architecture which we can use to architect our oBay application.
The core goals of SOA can typically be summarized as:
Improved interoperability: A major cost of any project is the effort required to integrate an application with existing applications both inside and outside the enterprise.
The use of standards-based communication frameworks (for example, web services); a standard representation for the exchange of data and common design standards can greatly simplify the integration between disparate systems, greatly reducing the cost of cross application integration.
Improved reuse: Designing and building services to be intrinsically reusable enables you to not just meet initial requirements but also leverage them in future applications. Similarly, you can service enable existing systems which enables you to further leverage existing investments.
This not only saves you the time and effort of rebuilding similar functionality, but can also help consolidate your IT estate, as now you only need to implement a piece of functionality once, as opposed to having similar functionality buried in multiple systems. This can help reduce the cost of administering and maintaining your existing systems (on which approximately 80% of today's IT budget is spent).
Improved agility: One of the key design principals behind SOA is that systems are no longer built to last, but rather built to change.
Following SOA principals, not only allows you to more rapidly implement new solutions through reusing existing functionality, but also enables you to reduce the time it takes to modify and adapt existing SOA based solutions in response to ever changing business requirements.
Using SOA standards and technologies will take you part of the way towards achieving some of these goals, but as the A in SOA indicates, a key component of this is architecture.
Up to now we've been throwing around the term "SOA" without really spending much time looking at what a service is, or at least what a well-designed service looks like or how we should go about assembling them into an overall solution, that is the architecture of our application.
The simple reality is that services come in all shapes and sizes, each of which have some bearing on how you design, build and use them within your overall architecture. So it makes sense to further define the different types of services that we will need, how they should be used, how they should be organized into different layers, and so on.
Taking this approach enables us to ensure services are designed, built and used in a consistent fashion, improving the overall interoperability and reusability of a service as well as ensuring the overall implementation is architected in such a way to address key non-functional requirements such as performance, fault tolerance, and security, as well as providing a solution that addresses our other goal of agility.
Now before we do this we should add a health warning. There is no single definition as to how you should compose your SOA architecture, but there are many opinions. It is also a pretty big topic in its own right, so we could quite easily dedicate an entire book to this subject alone.
Hence, we offer this up really as an introductory opinion on how you might want to design your overall SOA architecture. Feel free to agree or disagree with parts of it as you see fit. However, what we would stress is that you need to go through the process of defining your architectural approach to SOA and that you continue the process of refining it over time based on the experience and requirements of your organization.
With that caveat out the way, the following diagram illustrates one way of organizing our services into distinct layers within our overall architecture.
We can see that this breaks into five layers. It should also be apparent that all layers, except the top layer, actually provide a set of services to the layer above and typically do this by building on the layer beneath.
Like most architecture diagrams this is over simplified. For example, it implies here that the User Interface layer will always have to go via the Business Processes layer to access a Business Service. In many circumstances to mandate this as an architecture requirement would be over burdensome, and as a result impair our key goals of reusability and agility.
While we've labelled the top layer User Interface, it could potentially be any consumer of our services which sits outside our domain of control, whether internal or external to our organization.
Let's examine these layers one by one, starting at the bottom and working our way up.
When we look at the various layers within a service-oriented architecture, each layer typically builds on the layer below. However, at some point we need to hit the bottom. This is the layer we have termed the Application Services Layer. The layer is typically where the core service is actually implemented, or if you like where the real work happens.
We refer to it as the application service layer since most services are typically provided by existing applications. These could be packaged applications, such as Oracle e-Business Suite, Siebel, Peoplesoft, SAP, or custom applications developed in-house using technologies such as Java, C#, Oracle Forms, PL/SQL, and so on.
Many modern day applications are web service enabled, meaning that they provide web services out of the box. For those that aren't then adapters can be used to service enable them (as we have already discussed in Chapter 3 — Service Enabling Existing Systems).
The key here is that from our perspective this is the lowest level of granularity that we can go down to, and also the actual control we have over the interface of services at this level is limited or non-existent. This tends to be the case regardless of whether or not we have control of the application that provides the service, as the actual interface provided is often a reflection of the underlying application.
It's for this reason (i.e. lack of control over the service interface) that we also include in this category native web services provided by other third parties, for example services provided by partners, suppliers, customers, and so on as well as software as a service(SaaS).
This is a relatively thin layer that provides a façade on top of the Application Services layer. The key driver here is to achieve our goal of de-coupling the services provided by the underlying applications (over which we have varying degrees of control) from any consumers of that service.
The simplest way to illustrate the criticality of this layer is to demonstrate the potential impacts of trying to bypass it, which during the pressure of a development lifecycle can be easily done (and often is).
A typical scenario is where a developer or architect will argue that it's only used in one place, and it's unlikely to change for a long time anyway, or we need to do it this way for performance reasons, and so on. And often it is the case that the FIRST time you use something it is only being used in one place. The trouble is that before long you may find it being used in many places (and often you don't always know where).
Then change happens. It may initially be a simple change, for example it may be just moving the application to a bigger box (as the amount of requests it is now processing has increased). Or the actual application itself may be changing. Maybe it's being upgraded to a new version, or maybe it's being replaced with a completely new application.
Either way the WSDL for the service is likely to change, requiring every caller of that service to be modified, tested and redeployed, and of course this needs to be coordinated across all users of that service.
This becomes even more complicated when you have multiple changes in the same time frame. You could very quickly end up with 100's of 1000's of changes to implement and coordinate. Suddenly change becomes very complicated and our systems far from agile.
As we mentioned earlier, the job of this layer is to provide a virtual service layer to decouple consumers of services from the underlying application and thus minimize the impact of change. It achieves this in two ways — first it provides a virtual endpoint for the client to call. Upon receipt of a request it then routes it to the underlying application service.
Secondly, it allows us to define an abstract description of the service, that is the operations provided by the service and its corresponding input and output messages, so that these are no longer dictated by the underlying application. This layer is then responsible for transforming an incoming input message from the format of our service contract to the one expected by the application service and vice versa for any response.
As the name suggests, this is a fairly generic term used to describe encapsulated business logic that is made available through a designed service contract. The keyword here is "designed". In particular, when it comes to exchanging data models, as each service will typically share a common data model defined in one or more XML Schemas. This is often referred to as the canonical model and is something we will look at in a lot more detail in the next chapter (Chapter 10 — Designing the Service Contract).
One of the implications of this is a virtual service, as discussed in the previous layer, which is in reality a specialized type of business service. As we will see in a moment that a business process is also a specialized type of business service. However, each of these has a specific role, and tends to gravitate towards a specific layer.
This still leaves us with a rather large category for all our remaining services, so from a design perspective it makes sense to break these down further into specific sub-categories.
There are many ways and many opinions on how exactly business services should be categorized. From a personal standpoint, we believe that there are two key perspectives to consider, the first being to look at the type of functionality contained within the service as this will guide how we may wish to implement the service.The second is to consider who is going to call or consume the service, in particular where they sit within our layered architecture as this will often drive other considerations such as granularity, security, and so on.
Our first category is the type of functionality provided by a service. We've split this into three groups: Entity, Functional, and Task based service. Let's examine each of these in more detail:
Entity services: It is also known as data services, emulate business objects within an enterprise. For example User, Account, and Listing are all entities within oBay. Entity services often represent data entities held in a relational database and provide the corresponding lifecycle (i.e. create, read, update, and delete) and query operations.
Entity services can often be used within multiple contexts, making them excellent candidates for reuse. To further promote this, it is considered good practice to minimize any business specific logic (such as validation) that you place within the service.
The one draw back here is that you wouldn't want to expose an Entity service directly to the presentation layer or any external third party service; rather you would use it within a task based service or business process.
Functional services: These are used to implement raw business logic, for example business rules, pricing algorithms, and so on. It is quite common to embed rules directly within task based (or even entity) services, often leading to the same rule being implemented in multiple locations and not always consistently.
By separating out this logic as a standalone service, you not only ensure it's used in a consistent fashion, but also make it simpler to modify (i.e. you only have to do it once), thus increasing the agility of your solution.
Functional services typically don't use entity services (except maybe to look- up reference values used by the algorithm). If you have a functional service that does, then in reality you have a task based service with functional logic embedded within it.
In many cases this may be fine. However, it will limit how reusable the service is and could result in the same functionality being reimplemented in other task based services.
Task based services: These are modeled to carry out a specific set of related activities, often within the context of a business process. By their nature they will often act across one or more entity services, and may also make use of other task based or functional services.
For example, if we look at the operation
submitBid, this would very much form part of a task basedAuctionservice as it supports the task of placing a bid. However, it is likely to use an Entity Service to store the received bid in the underlying database and it may use a Functional Service (i.e.AuctionEngine) to calculate the result of placing the bid.
A key design point that needs considering is who will be consuming our business services? It could be other business services, business processes, or an external consumer such as the user interface layer, partners, or other parts of the organization, though a service could potentially be called by all types of consumers.
Knowing who will call a service will impact areas such as service granularity, validation, and security.
Granularity is a key consideration in service design. Current industry wisdom tends to encourage the use of more coarse grained services, but it's important to understand why when considering the granularity of an individual service.
Granularity is essentially the number of operations we need to call on a service in order to achieve the desired result. The more fine grained a service is, the more operations you will typically need to call, the more coarse grained the less.
The key driver for coarse grained services is the performance impact of going across a network. Thus, if you can achieve the desired result by calling a coarse grained service, as opposed to calling for example four fine grained services, then it is likely to be approximately four times faster. Because the actual processing time of the service is likely to be insignificant in comparison to the cost of going across the network.
However, using coarse grained services often come at a price; if you combine multiple functions into a single operation, it may becomes less useable as requestors may be required to provide additional data to use the service, or the service could result in unwanted side effects. Additionally, it may impose redundant processing on the server side which could adversely impact performance. For example, it may cause the service to make unnecessary reads to a database, or make calls to additional services across the network, each with resultant implications on overall performance.
The other consideration is that if a service is calling another service within the same environment (for example, with the same deployment of the SOA Suite), then the call is likely to be optimized and to not require a network hop.
Understanding where the service consumer lives in relation to the service is a key design consideration. So when deciding on service granularity it's worth bearing the following guidelines in mind:
For business services that are only going to be consumed by either business processes or other business services (for example, Entity Services and Functional Services), then you can afford to use finer grained services.
If a service is to be used outside the domain of control, then coarse grained services are more appropriate, though you should consider the downstream performance implications of any redundant processing.
When providing coarse grained services, if there are potential impacts on either performance or reuse then consider providing a number of redundant fine grained services in addition to the coarse grained services. Effectively by de-normalizing the service contract, it gives the consumer the ability to choose the appropriate service.
In addition, depending on the nature of the service consumer, you may need to place other requirements on a service, such as:
Security: As with all IT systems security is key, but more so if you start using SOA to expose your systems via web services to external third party consumers.
Management: Many third party consumers will want to agree some sort of service level agreement; you need to ensure you have sufficient infrastructure in place to manage your services appropriately.
Support: When exposing services to third parties you need to consider how they are going to build systems that use them, i.e. what level of documentation you are going to provide, who do they call when something goes wrong, and so on.
Change management: When services change, how are you going to manage that? Depending on who the consumer is, you may be able to coordinate any upgrades with them; however, that won't always be the case.
Validation: The less control you have over the consumer of a service, then generally the less assumptions you can make about the quality of data you will receive and the more validation that will be required.
Typically service management and security is not something you build into individual services, rather it tends to be provided by the underlying infrastructure in which you host the service (something we look at in more detail in Chapter 20 — Defining Security and Management Policies).
Support is more of an organizational issue, as is change management to a certain extent. However, design of the service contract is key to making change more manageable and something we look at in detail in the next chapter (Chapter 10 — Designing the Service Contract).
Finally validation is an important consideration in design, and something we look at in more detail in Chapter 12 — Building Validation into Services.
As we've already mentioned, you could argue that a business process is no more than just a specialized Business Service, especially when viewed through the eyes of the service consumer. However, it has a number of key differences that make it worth considering as a separate layer in its own right.
Before we look at why, lets take a step back. If we look at the traditional application architecture which splits out an application into its presentation layer, business logic and database layer, within that business logic, it is the business process that is more likely to change.
A business process is more likely to span multiple systems, which has led to the proliferation of point-to-point integration solutions, aimed at tying those bits of process together into an end-to-end business process. This can further obfuscate the business process, as a result making it more resistant to change.
Abstracting out business process into a separate layer gives us a number of advantages. Firstly, rather than having the process logic buried across multiple applications, we can now define a single end-to-end process with a far higher level of visibility and clarity than would normally be achievable. This makes it far simpler to monitor the end-to-end process, as well as to modify it in the future.
It also simplifies our underlying business services, since by extracting the business process specific logic from them, they naturally become more generic and therefore more reusable.
Another by-product is that since processes are long running in nature, whether for minutes, hours, days, months, or even years, they are inherently stateful. Thus, it often removes the need for other services to manage state, again simplifying them as well as making them more reusable.
Note
It is currently deemed best practice to make services stateless, since stateless architectures are typically more scalable (or at least easier to scale) than stateful ones. In addition stateless services tend to be simpler to build and use, making them more reusable.
While to a certain extent this is true, you could argue that up until recently many of the WS-* standards and corresponding vendor tools have not had the required completeness of functionality to support stateful services. This is now starting to change, so going forward there is likely to be more of a mix of stateless and stateful services within SOA.
As the top layer within our architecture, this is the layer which consumes the services provided by the Business Processes and Business Services layers. We have labelled this the User Interface layer, mainly because we are using our SOA architecture as the blueprint for building a composite application and this is the layer where the GUI (either web-based or thick client) would sit.
For the purpose of this book, we will not spend much time looking at this layer, as it falls outside the boundary of what is provided by the Oracle SOA Suite. Though for the purpose of delivering a fully working application we have provided a simple web-based user interface developed using JDeveloper.
The reality is that many users of the SOA Suite continue to develop the GUI component of an application using their technology of choice, as in most cases it dovetails very nicely with a SOA based approach.
Note
Many user interfaces are based on variations of the Model-View-Controller(MVC) design pattern. The Model represents the business logic and data of an application and defines a set of operations that can be performed against it.
The View is the user interface (for example, web page); it presents information from the Model to the user, and then captures actions taken by the user against the view. The Controller maps actions performed on the View (for example, clicking a Submit button) to operations on the Model (for example, placing a bid). After the Model is updated, the View is refreshed and the user can perform more actions.
This approach fits extremely well within the context of SOA, where the Model is effectively provided by the Business Process and Business Service layers. The View and Controller can then be implemented using your GUI framework of choice (for example Oracle ADF, Spring, or Struts). The Controller would then provide the integration between the two, with it invoking the appropriate operations on the underlying services.
While we have focused on the user interface being the top layer within our architecture, the reality is that these services could be consumed by applications built by other parts of the organization, or those of our partners or customers.
If these consumers are using the same architecture as us, they would view our services in the same way as we are viewing external web services within the Application Services layer of our architecture.
This implies the need to have an additional Virtual Services layer in our model, between the User Interface and Business Process layer. We could rely on the consumer of our services to build this layer, but it actually makes a lot of sense for us to provide it.
Remember that the goal of our original Virtual Services layer was to de-couple our composite application from the underlying services provided by the Application Services layer, so that we can insulate ourselves from changes to the underlying applications.
Here is the reverse. We want to de-couple the services we are providing from the consumers of those services, as this gives us greater flexibility to change our services without being constrained by the consumer of our services.
This layer also provides a suitable point of control for managing access to our services enabling us to define, enforce, and monitor polices for security and service level agreements.
With this additional layer, our SOA architecture now looks as follows:
You may have noticed, we have deliberately stayed clear of saying which parts of the Oracle SOA Suite are used for which areas within our architecture, and there is a good reason for this. Firstly, we wanted to produce a meaningful architecture that clearly demonstrated the key objectives and consideration of each layer, rather than just a piece of marketecture.
Secondly, it's not a simple one-to-one mapping, as many of the components can be used within multiple layers within the architecture and within most layers you have the luxury of choosing between multiple components. The following is a guide as to which technologies can be used where within our architecture:
Application Services layer: This layer is pretty straightforward, in that if the application doesn't provide in-built support for web services, then it is the case of using the appropriate adapter to hook into the underlying application.
Virtual Services layer: The Service Bus should be your default starting point for this layer, as it has been designed to address the specific challenges tackled by this layer of our architecture.
BPEL PM provides an alternative to the Service Bus. While not as optimized for this layer, it does provide a valid substitute in some scenarios. For example, the implementation of two-way asynchronous services.
Business Services layer: BPEL is typically used for task based services, as it provides a rich language for building composite services, with human workflow being used for manual tasks. However, the Service Bus is also a good choice for building light weight synchronous services.
Business Rules provide an excellent tool for implementing functional services, as well as the validation within task based services.
Business Processes layer: This layer, as you've no doubt already realized, is the natural domain for BPEL. However, Business Rules also plays an important role in allowing you to externalize the logic behind decision points within your process.
Business Activity Monitoring is then used to instrument your business processes and any other relevant services, in order to provide you with a holistic view across your application.
Finally Web Services Manager is used to define, enforce, and monitor polices across your services around security, service level agreements, logging, and so on.
Note
Oracle Service Bus has the concepts of Proxy service and Business service. Within our terminology, a Proxy Service maps to a Virtual Service. However, an OSB Business service maps to what we have termed an Application service.
We realize this could be confusing and did consider changing our terminology to match. However, we have tried to base our architecture on accepted industry practice and terminology. So believed it was better to keep with this terminology rather than modify if to fit with the naming of specific products.
Now that we have our blueprint for SOA, let's apply it to the business requirements of oBay. Doing this we come up with the following high-level architecture.
We won't go into this in detail at this point (as we do that in the remainder of this section), but it's worth looking at each layer and highlighting a few
significant features.
As you will see from the above diagram, we have broken out our Application Services into three categories:
oBay Developed Services
External Web Services
Workflow Services
Each of these raises some interesting points, which we will examine in further sections.
The Task, Identity, and Notification services are a subset of the services provided out of the box by the Oracle SOA Suite. Because we typically access these services via the Human Task activity within BPEL, it is easy to overlook their very existence.
The workflow services have documented API's, so can be invoked just like any other web service. We take advantage of these APIs to build the Order Management business service and look at how to do this as part of Chapter 15 — Workflow Patterns.
oBay makes use of a number of real world web services; we look at how to include these within our overall solution in Chapter 11 — Building Business Services.
Another key consideration when using external web services is what happens if they fail. We look at this as part of Chapter 13 — Error Handling.
As oBay is a start-up, it has rather limited applications in-house, so we are going to build most of these services from scratch. The great thing about SOA is that we can actually build these application services using whichever technology is appropriate to our organization.
To demonstrate this we've examined how these services could be implemented using a number of alternative technologies, namely Java and PL/SQL. We will cover this in detail in Chapter 11 — Building Business Services.
All of our oBay developed application services have a straight one-to-one mapping with a corresponding virtual service. This is quite common when developing the underlying application services as part of the overall implementation.
When exposing functionality from existing systems, this won't always be the case. For example, you may have multiple systems performing the same function. In this scenario multiple application services would map to a single virtual service, which would be responsible for routing requests to the appropriate system. This is the case for our external services, where we have multiple services for address and credit card services.
In Chapter 11 — Building Business Services, we cover both use cases, as we look at how to build business services either from scratch or by reusing existing logic.
At first glance this looks pretty unremarkable; however, there are a few areas worth further scrutiny. Many of the task based services, such as UserManagement, are built using one or more entity services and do little more than layer validation on top. We examine this approach in Chapter 12 — Building Validation into Services.
A number of the task based services (for example check Suspect Item and Order Fulfillment Task) are manual in nature and therefore predominately built using the Workflow Service provided by the SOA Suite. In Chapter 15 — Workflow Patterns, we look at why we have separated them out as separate business services, rather than embedding them directly within the core business processes.
Finally the Auction Engine is an interesting example of a functional service. One way to implement this would be to write it using a standard programming language such as Java or C#. However, an alternative is to use Business Rules. We will look at this in Chapter 16 — Using Business Rules to Implement Services and examine some of the advantages and disadvantages to this approach.
Effectively within oBay there are two key business processes: registering a customer and the end-to-end process of listing an item and selling it through auction. The, second of which we've split up into three sub-processes (for the purpose of reusability and agility should oBay change or extend its core business model at any point in the future).
It is also worth examining the Account Billing process; all our other processes are initiated to handle a specific request (for example, register a user, list an item for auction), while this is a scheduled process, which we will run nightly to settle the account of all users with outstanding monies. We examine how we do this in Chapter 14 — Message Interaction Patterns.
Here we've defined two user interfaces, where one is for oBay customers which we've built using JDeveloper and the other is for oBay employees who need to perform human workflow tasks.
Both sets of users will be performing human workflow tasks, one via the out-of-the-box worklist application, the other through our own hand cranked GUI. We will look at how to do this in Chapter 15 — Workflow Patterns.
To download this application, go to the support page of Packt Publishing (www.packtpub.com/support ), and from here, follow the instructions to download the code for this book, which includes the oBay application.
Included with the code will be a PDF with detailed instructions on how to install and run the oBay application.
In this chapter, we've provided you with a detailed introduction as to the business requirements of oBay, our fictional online auction site, as well as presenting you with the architecture for our composite application.
Before we developed our solution, we took you through the process of defining our high level SOA blueprint, outlining some of the objectives and considerations you should take into account when developing a SOA based architecture.
Along the way we've also thrown up a number of questions or issues that need to be addressed, as well as highlighting particular areas of interest in our overall design.
In the remainder of this section, each chapter will focus on addressing a particular subset of those issues raised, using various parts of the oBay application to illustrate each answer. This is so that by the end of this section we will have tackled all the matters that we've raised including the key question:
What is the best way to combine/use all of these different components to implement a real world SOA solution?
As you are no doubt already realizing from this chapter, there isn't a single simple answer, but rather you have many choices, each with their own set of advantages and disadvantages. By the end of this section you should at least be in a position to better understand those choices and which ones are more applicable to you and that of your own development.