Service Oriented Architecture
Service Oriented Architecture
Thomas Erl
With contributions by Paulo Merson and Roger Stoffers
For information about buying this title in bulk quantities, or for special Senior Project Editors
sales opportunities (which may include electronic versions; custom Lori Lyons
cover designs; and content particular to your business, training goals, Betsy Gratner
marketing focus, or branding interests), please contact our corporate Copyeditors
sales department at [email protected] or (800) 382-3419. Paula Lowell
For government sales inquiries, please contact Language Logistics
[email protected]. Infi net Creative Group
For questions about sales outside the U.S., please contact Maria Lee
[email protected]. Teejay Keepence
Visit us on the Web: informit.com/ph Indexer
Cheryl Lenser
Library of Congress Control Number: 2016952031
Copyright © 2017 Arcitura Education Inc. Proofreaders
Williams Woods Publishing
All rights reserved. Printed in the United States of America. This Abigail Gavin
publication is protected by copyright, and permission must be obtained
Melissa Mok
from the publisher prior to any prohibited reproduction, storage in a
Kam Chiu Mok
retrieval system, or transmission in any form or by any means, elec-
Shivapriya Nagaraj
tronic, mechanical, photocopying, recording, or likewise. For informa-
tion regarding permissions, request forms and the appropriate contacts Catherine Shaffer
within the Pearson Education Global Rights & Permissions Depart- Pamela Janice Yau
ment, please visit www.pearsoned.com/permissions/. Maria Lee
ISBN-13: 978-0-13-385858-7 Editorial Assistant
ISBN-10: 0-13-385858-8 Olivia Basegio
First printing: December 2016 Cover Design
Thomas Erl
Photos
Thomas Erl
Cover Compositor
Chuti Prasertsith
Compositor
Bumpy Design
Graphics
Jasper Paladino
Zuzana Cappova
Infi nite Creative Group
Spencer Fruhling
Tami Young
Demian Richardson
Kan Kwai Lui
Briana Lee
Educational Content
Development
Arcitura Education Inc.
To Markus, who recently joined our team
with a keen sense of curiosity and a relentless desire
to analyze and redesign even the most micro of things.
—Thomas Erl
This page intentionally left blank
Contents at a Glance
CHAPTER 1: Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1
CHAPTER 2: Case Study Backgrounds . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13
PART I: FUNDAMENTALS
CHAPTER 3: Understanding Service-Orientation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .19
CHAPTER 4: Understanding SOA. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .59
CHAPTER 5: Understanding Layers with Services and Microservices . . . . . . . . . . . . 111
Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 384
This page intentionally left blank
Contents
Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xix
Reader Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xx
C HAPTER 1: Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
Additional Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Symbol Legend . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9
Updates, Errata, and Resources (www.servicetechbooks.com) . . .9
Service-Orientation (www.serviceorientation.com) . . . . . . . . . . . .10
What Is REST? (www.whatisrest.com) . . . . . . . . . . . . . . . . . . . . . .10
Referenced Specifications (www.servicetechspecs.com). . . . . . .10
SOASchool.com® SOA Certified Professional (SOACP) . . . . . . . .10
CloudSchool.com™ Cloud Certified Professional (CCP) . . . . . . . .10
BigDataScienceSchool.com™ Big Data Science Certified
Professional (BDSCP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .11
Notification Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .11
PART I: FUNDAMENTALS
Introduction to SOA . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60
4.1 The Four Characteristics of SOA . . . . . . . . . . . . . . . . . . . . . 61
Business-Driven . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .61
Vendor-Neutral . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63
Enterprise-Centric . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66
Composition-Centric . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68
Design Priorities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69
4.2 The Four Common Types of SOA . . . . . . . . . . . . . . . . . . . . 70
Service Architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .71
Service Composition Architecture . . . . . . . . . . . . . . . . . . . . . . . . 77
Service Inventory Architecture . . . . . . . . . . . . . . . . . . . . . . . . . . 83
Service-Oriented Enterprise Architecture . . . . . . . . . . . . . . . . . . 85
xii Contents
Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .384
This page intentionally left blank
Acknowledgments
This Second Edition is comprised of content from a variety of sources, including new
content that reflects industry developments and revised content from other series titles.
Thank you to all who helped shape what this book is comprised of, and special thanks
to the following individuals who contributed new insights and new design patterns:
In alphabetical order:
• Paulo Merson
• Roger Stoffers
Reader Services
Register your copy of Service-Oriented Architecture: Analysis and Design for Services and
Microservices at informit.com for convenient access to downloads, updates, and correc-
tions as they become available. To start the registration process, go to informit.com/
register and log in or create an account.* Enter the product ISBN, 9780133858587, and
click Submit. Once the process is complete, you will find any available bonus content
under “Registered Products.”
*Be sure to check the box that you would like to hear from us in order to receive exclusive
discounts on future editions of this product.
Chapter 1
Introduction
I am still humbled by the success this book has had for more than a dozen years. When I
was asked to put together a second edition, it seemed like a naturally sound idea. How-
ever, when I got down to working on this project it became clear that the scope of this
new edition would have to be significantly different from the original title.
This made me think carefully about what should and should not be part of this second
edition. Revisiting topics pertaining to technology did not make sense because they had
been covered exhaustively in several other titles. However, some of the subsequently
released books provide coverage of architecture, design, and methodology that is more
current and comprehensive than what was originally documented in the first edition of
Service-Oriented Architecture: Concepts, Technology, and Design. Repurposing and compil-
ing this content as part of this second edition so that the original scope and purpose of
the book could be preserved did make sense, while benefiting from the decade or so of
research and authoring that occurred since the publication of the fi rst edition.
This compiled content primarily comprises the three chapters in Part I of this book
together with new content pertaining to the formal introduction of microservices to
SOA. The chapters in Part II focus solely on service-oriented analysis and design with
some updates and new content pertaining to REST services and microservices.
1.1 How Patterns Are Used in this Book 3
Specifically, content from the following additional books has been repurposed, revised,
and/or incorporated into this second edition:
• SOA with REST: Principles, Patterns & Constraints for Building Enterprise Solutions
with REST
Select content has been updated, and some of it has been further augmented to incorpo-
rate the microservice model and micro task service layer.
I hope you find value in what’s been put together. It’s genuinely the best possible
second edition of the original title that could be assembled. The fact that this second
edition looks so much different from the first is a tribute to the tremendous progress
that has been made in the evolution and maturation of modern-day, service-oriented
architecture.
Patterns have also become an important part of the language used to author books in
this series. Most books published since the release of the SOA patterns catalog contain
references to relevant patterns, and some even introduce new ones.
Because this is the second edition of a book that originally did not contain patterns, it
was written without any requirement to know or understand patterns. Instead, wher-
ever appropriate, SOA Patterns sections have been inserted. These sections highlight
patterns relevant to preceding content. Appendix C contains summarized profi les of
4 Chapter 1: Introduction
all referenced patterns. Inline page references are used to link pattern references with
profiles, as explained in the upcoming Page References and Capitalization for Principles,
Constraints, and Patterns section.
So, even though patterns do not need to be understood or studied to complete this book,
it is highly recommended that you take the time to do so anyway. If you are brand new
to the world of design patterns, be sure to read the introductory section at the begin-
ning of Appendix C or the more comprehensive tutorial in Chapter 5 of the SOA Design
Patterns book.
1.2 Series Books That Cover Topics from the First Edition
As mentioned earlier, a number of topics from the first edition of this book were sub-
sequently covered more comprehensively in subsequent titles released as part of the
Prentice Hall Service Technology Series from Thomas Erl.
For those of you familiar with the first edition, let’s revisit the original chapters so that
we can identify those that remained part of this second edition and then map the others
to series titles that elaborated on their respective topic areas.
• Chapter 2, Case Studies – This chapter in the second edition contains abbreviated
case study backgrounds from the first edition of Service-Oriented Architecture:
Concepts, Technology & Design and SOA with REST: Principles, Patterns & Constraints
for Building Enterprise Solutions with REST.
• Chapter 3, Introducing SOA – The topics in this chapter have been significantly
updated with content from Chapter 3 of SOA Principles of Service Design and
Chapter 4 of SOA Design Patterns.
• Chapter 4, The Evolution of SOA – Chapter 4 of SOA Principles of Service Design cov-
ers historical origins of service-orientation and Chapters 3 and 4 of SOA Design
Patterns contrasts SOA to other architectural models.
• Chapter 5, Web Services and Primitive SOA, Chapter 6, Web Services and Contemporary
SOA Part I, and Chapter 7, Web Services and Contemporary SOA Part II – Web service
technologies and markup languages are covered in detail in Web Service Contract
Design and Versioning for SOA.
• Chapter 9, Service Layers – Chapters 6 and 7 of SOA Design Patterns provide a series
of design patterns that formally document established service layers. Service lay-
ers are covered in Chapter 5 of this second edition and the new micro task service
layer is introduced.
• Chapter 10, SOA Delivery Strategies – Chapter 5 of SOA Governance: Governing Shared
Services On-Premise & in the Cloud covers project stages and Chapter 6 addresses
methodology. The end of Chapter 4 in this second edition summarizes project
stages and related organizational roles.
• Chapter 11, Service-Oriented Analysis Part I and Chapter 12, Service-Oriented Analy-
sis Part II – Topics from these chapters are revisited in Chapters 6 and 7 of this
second edition, and are further supplemented with updated analysis content from
SOA with REST: Principles, Patterns & Constraints for Building Enterprise Solutions
with REST.
• Chapter 13, Service-Oriented Design Part I and Chapter 14, Service-Oriented Design
Part II – The markup languages from this chapter are covered in more detail in the
Web Service Contract Design and Versioning for SOA book.
• Chapter 15, Service-Oriented Design (Part III, Service Design) – Topics from this chap-
ter are revisited in Chapters 8 and 9 of this second edition and are further supple-
mented with updated design content from SOA with REST: Principles, Patterns &
Constraints for Building Enterprise Solutions with REST.
• Chapter 16, Service-Oriented Design (Part IV, Business Process Design) – Coverage
of orchestration-related technologies is provided in various sections in SOA with
.NET: Realizing Service-Orientation with the Microsoft Platform and SOA with Java:
Realizing Service-Orientation with Java Technologies.
• Chapter 17, Fundamental WS-* Extensions – Several of the standards from this chap-
ter are covered in more detail in Web Service Contract Design and Versioning for SOA.
• Chapter 18, SOA Platforms – The documentation of SOA support in .NET and Java
platforms is provided comprehensively in the corresponding SOA with .NET:
Realizing Service-Orientation with the Microsoft Platform and SOA with Java: Realizing
Service-Orientation with Java Technologies titles.
6 Chapter 1: Introduction
For more information about any of the aforementioned books from the Prentice Hall
Service Technology Series from Thomas Erl, visit www.servicetechbooks.com.
Part I: Fundamentals
Chapter 9: Service API and Contract Design with REST Services and Microservices
Service model-specific REST contract design considerations are revised to include
microservices. Design guidelines are provided, along with a section dedicated to com-
plex method design. Revised case study examples are also provided.
Chapter 10: Service API and Contract Versioning with Web Services and REST Services
This chapter contains a series of fundamental versioning techniques and considerations
for Web service and REST service contracts and APIs.
To facilitate the quick reference of profiles, a special convention is used. Each principle,
pattern, and constraint name is always capitalized and followed by a page number that
points to the corresponding profile page. This convention was established by the design
patterns community and is further being extended to design principles and design con-
straints in this book.
All page references point to profile tables located in the appendices. The profile tables
for constraints are provided in Appendix B, and those for principles and patterns are
located in Appendices A and C, respectively.
For example, the following statement first references a service-orientation design prin-
ciple, then an SOA design pattern, and finally a REST constraint:
“…the Service Loose Coupling (293) principle is supported via the application of the Decoupled
Contract [337] pattern and the Stateless {308} constraint ...”
For example, the preceding statement will more commonly be worded as follows:
“…Service Loose Coupling (293) is supported via the application of Decoupled Contract [337]
and Stateless {308}…”
This wording convention also has origins within the design patterns community. As
previously stated, if you run into a reference without an explicit qualifier, use the page
number delimiter (parentheses, square brackets, or curly braces) to identify its type
(principle, pattern, or constraint).
Additional Information
The following sections provide supplementary information and resources for the Pren-
tice Hall Service Technology Series from Thomas Erl.
Symbol Legend
This book contains a series of diagrams that are referred to as figures. The primary sym-
bols used throughout all figures are described in a symbol legend you can download
from www.arcitura.com/notation.
Service-Orientation (www.serviceorientation.com )
This site provides papers, book excerpts, and various content dedicated to describing
and defining the service-orientation paradigm, associated principles, and the service-
oriented technology architectural model.
Notification Service
If you would like to be automatically notified of new book releases in this series, new
supplementary content for this title, or key changes to the previously listed websites,
use the notification form at www.servicetechbooks.com.
This page intentionally left blank
Chapter 2
Background information is provided for two different organizations. The fi rst is Transit
Line Systems, Inc. (TLS), a private sector corporation. The other is Midwest University
Association (MUA), a public sector academic institution.
TLS is a corporation that has undergone a great deal of change over the past decade. The
identity and structure of the company has been altered numerous times, mostly because
of corporate acquisitions and the subsequent integration processes. Its IT department
has had to deal with a volatile business model and regular additions to its supported
set of technologies and automation solutions. TLS’s technical environment therefore is
riddled with custom-developed applications and third-party products that were never
intended to work together.
The cost of business automation has skyrocketed, as the effort required to integrate
these many systems has become increasingly complex and onerous. Not only has the
maintenance of automation solutions become unreasonably expensive, but their com-
plexity and lack of flexibility have significantly slowed down the IT department’s ability
to respond to business change.
2.3 Case Study Background #2: Midwest University Association 15
Each program within the university has an independent IT staff and budget to support
systems management. The remote campuses also have their own IT departments. Col-
laboration with external educational institutions is governed by an independent, central
enterprise architecture group.
There are various automated solutions for common processes, such as student enroll-
ment, course cataloging, accounting, financials, as well as grading and reporting. The
primary system for record keeping is an IBM mainframe that is reconciled every night
with a batch feed from the individual remote locations. The different schools them-
selves employ a variety of technologies and platforms.
Fundamentals
Chapter 3: Understanding Service-Orientation
Chapter 4: Understanding SOA
Chapter 5: Understanding Layers with Services
and Microservices
This page intentionally left blank
Chapter 3
Understanding Service-Orientation
Similarly, an organization that carries out tasks associated with its purpose or busi-
ness is also providing a service. As long as the task or function being provided is well
defined and can be relatively isolated from other associated tasks, it can be distinctly
classified as a service (Figure 3.2).
Figure 3.2
dispatcher
A company that employs these
three people can compose their
capabilities to carry out its
business.
driver
ABC
Delivery
bookkeeper
NOTE
A Web service contract is generally comprised of a WSDL definition and one or more XML
Schema definitions. Services implemented as REST services are accessed via a uniform
contract, such as the one provided by HTTP and Web media types. Chapters 8 and 9 pro-
vide examples of Web service and REST service contracts.
Invoice Invoice
Figure 3.4
The chorded circle symbol used to display an Invoice service contract (left), and
a variation of this symbol used specifically for REST service contracts (right).
Figure 3.5
Much like a human, an automated Shipment
service can provide multiple
capabilities. “I can:
Get
- drive Add
- fill out a waybill Report
- collect payment etc.
etc.”
3.1 Introduction to Service-Orientation 23
A service consumer is the runtime role assumed by a software program when it accesses
and invokes a service—or, more specifically, when it sends a message to a service capa-
bility expressed in the service contract. Upon receiving the request, the service begins
executing logic encompassed by the invoked capability and it may or may not return a
corresponding response message to the service consumer. A service consumer can be
any software program capable of invoking a service via its API. A service itself may act
as the consumer of another service.
The term “agnostic” originated from Greek and means “without knowledge.”
Therefore, logic that is sufficiently generic so that it is not specific to (has no knowl-
edge of) a particular parent task is classified as agnostic logic. Because knowledge
that is specific to a single-purpose task is intentionally omitted, agnostic logic is
considered multipurpose. Conversely, logic that is specific to (contains knowledge
of) a single-purpose task is labeled as non-agnostic logic.
Different design paradigms exist for distributed solution logic. What distinguishes
service-orientation is the manner in which it carries out the separation of concerns and
how it shapes the individual units of solution logic with specific characteristics and in
support of a specific target state.
Figure 3.6
This symbol, comprised of three connected spheres,
represents a service composition. Other, more detailed
representations are based on the use of chorded circle
symbols that illustrate which service capabilities are
actually being composed.
3.1 Introduction to Service-Orientation 25
Figure 3.7
The service inventory symbol is comprised
of spheres within a container.
Figure 3.8
Services (top) are delivered into a service
inventory (right) from which service
compositions (bottom) are drawn. service
service inventory
service composition
26 Chapter 3: Understanding Service-Orientation
Here’s a brief recap of the elements of service-orientation that have been covered so far:
• A collection of standardized services can form the basis of a service inventory that
can be independently governed within its own physical deployment environment.
• Standardized Service Contract (291) – Services within the same service inventory are
in compliance with the same contract design standards.
Services express their purpose and capabilities via a service contract. This is
perhaps the most fundamental principle in that it essentially dictates the need for
service-oriented solution logic to be partitioned and distributed in a standardized
manner. It also places a great deal of emphasis on the design of service contracts
to ensure that the manner in which services express functionality and define data
types is kept in relative alignment.
• Service Loose Coupling (293) – Service contracts impose low consumer coupling
requirements and are themselves decoupled from their surrounding environment.
• ServiceA bstraction( 294) – Service contracts only contain essential information and
information about services is limited to what is published in service contracts.
• Service Reusability (295) – Services contain and express agnostic logic and can be
positioned as reusable enterprise resources.
Whenever we build a service, we look for ways to make its underlying capabilities
useful for more than just one purpose. Reuse is greatly emphasized with service-
orientation—so much so, that it becomes a core part of the design process and it
also forms the basis for key service models (as explained in Chapter 5).
• Service Autonomy (297) – Services exercise a high level of control over their underlying
runtime execution environment.
For services to carry out their capabilities consistently and reliably, their under-
lying solution logic needs to have a significant degree of control over its envi-
ronment and resources. Service Autonomy (297) supports the extent to which
other design principles can be effectively realized in real-world production
environments.
implement a
standardized contract Standardized
Service Contract
Service minimize dependencies
Loose Coupling
implement generic and
reusable logic and contract Service
Reusability
minimize the availability
Service of meta information
Abstraction implement independent
functional boundary and
runtime environment Service
Autonomy
implement communicative
meta information Service
Discoverability
service
Figure 3.9
How service-orientation design principles collectively shape service design.
SOA PATTERNS
Service-orientation principles are closely related to SOA patterns. Note how each
pattern profile table in Appendix C contains a field dedicated to showing related
design principles.
This has been an accepted and proven approach to achieving tangible business benefits
through the use of technology and has been successful at providing a relatively predict-
able return on investment (Figure 3.11).
30 Chapter 3: Understanding Service-Orientation
Figure 3.10
A ratio of one application for each new set of automation requirements has been common.
Development cost = x
Yearly operational cost = y
Estimated yearly savings
due to increased productivity = (x/2) - y
Validate Timesheet
Application
Figure 3.11
A sample formula for calculating ROI is based on a predetermined
investment with a predictable return.
The ability to gain any further value from these applications is usually inhibited because
their capabilities are tied to specific business requirements and processes (some of
which will even have a limited lifespan). When new requirements and processes come
our way we are forced to either make significant changes to what we already have or
build a new application altogether.
3.2 Problems Solved by Service-Orientation 31
In the latter case, although repeatedly building “disposable applications” is not the per-
fect approach, it has proven itself as a legitimate means of automating business. Let’s
explore some of the lessons learned by first focusing on the positive.
• Solutions can be built efficiently because they only need to be concerned with the
fulfillment of a narrow set of requirements associated with a limited set of busi-
ness processes.
• The business analysis effort involved with defi ning the process to be automated is
straightforward. Analysts are focused only on one process at a time and therefore
only concern themselves with the business entities and domains associated with
that one process.
• The project delivery lifecycle for each solution is streamlined and relatively pre-
dictable. Although IT projects are notorious for being complex endeavors, riddled
with unforeseen challenges, when the delivery scope is well-defined (and doesn’t
change), the process and execution of the delivery phases have a good chance of
being carried out as expected.
• Building new systems from the ground up allows organizations to take advantage
of the latest technology advancements. The IT marketplace progresses every year
to the extent that we fully expect technology we use to build solution logic today
to be different and better tomorrow. As a result, organizations that repeatedly
build disposable applications can leverage the latest technology innovations with
each new project.
These and other common characteristics of traditional solution delivery provide a good
indication as to why this approach has been so popular. Despite its acceptance, though,
it has become evident that there is still much room for improvement.
Figure 3.12
Different applications developed
independently can result in significant 17 % 18 % 22 %
amounts of redundant functionality.
The applications displayed were
delivered with various levels of
Application A Application B Application C
solution logic that, in some form,
already existed.
29 %
18 %
16 %
Figure 3.13
Application A was delivered for a
Amount of redundant logic required = 17%
specific set of business requirements.
Cost = x
Because a subset of these business
Cost of non-redundant application logic = 83% of x
requirements had already been
fulfilled elsewhere, Application A’s
delivery scope is larger than it has
to be. Application A
It Bloats an Enterprise
Each new or extended application adds to the bulk of an IT environment’s system
inventory (Figure 3.14). The ever-expanding hosting, maintenance, and administration
demands can inflate an IT department in budget, resources, and size to the extent that
IT becomes a significant drain on the overall organization.
3.2 Problems Solved by Service-Orientation 33
Figure 3.15
Different application environments within the same enterprise can introduce incompatible
runtime platforms as indicated by the shaded zones.
34 Chapter 3: Understanding Service-Orientation
Figure 3.16
A vendor-diverse enterprise can introduce a variety of integration challenges, as expressed
by the little lightning bolts that highlight points of concern when trying to bridge proprietary
environments.
The consistent application of the eight design principles we listed earlier results in the
widespread proliferation of the corresponding design characteristics:
When these characteristics exist as real parts of implemented services they establish a
common synergy. As a result, the complexion of an enterprise changes as the following
distinct qualities are consistently promoted.
Figure 3.17
Business processes are automated by a series of business process–specific services
(top layer) that share a pool of business process–agnostic services (bottom layer). These
layers correspond to service models described in Chapter 5.
36 Chapter 3: Understanding Service-Orientation
Business Application A
Process
A
Service Composition A
Figure 3.18
Business Process A can be automated by either Application A or Service Composition A. The delivery of
Application A can result in a body of solution logic that is all specific to and tailored for the business process.
Service Composition A would be designed to automate the process with a combination of reusable services and
40% of additional logic specific to the business process.
quantity of overall
automation logic = x
quantity of overall
automation logic = 85% of x
quantity of overall
automation logic = 65% of x
Figure 3.19
The quantity of solution logic shrinks as an enterprise transitions toward a standardized
service inventory comprised of “normalized” services. (Service normalization is
explained further at the end of Chapter 5.)
Inherent Interoperability
Common design characteristics consistently implemented result in solution logic that
is naturally aligned. When this carries over to the standardization of service contracts
and their underlying data models, a base level of automatic interoperability is achieved
across services, as illustrated in Figure 3.20. (See the Service-Orientation and the Concept
of “Integration” section later in this chapter.)
NOTE
See Chapter 4 in SOA Principles of Service Design for coverage of common challenges
introduced by service-orientation.
38 Chapter 3: Understanding Service-Orientation
service
inventory
service
composition
Figure 3.20
Services from different parts of a service inventory can be combined into new compositions. If
these services are designed to be intrinsically interoperable, the effort to assemble them into new
composition configurations is significantly reduced.
As a result, we make a very deliberate move away from the silos in which applications
previously existed. Because we want to share reusable logic whenever possible, we auto-
mate existing, new, and augmented business processes through service composition.
This results in a shift where more and more business requirements are fulfi lled not by
building or extending applications, but by simply composing existing services into new
composition configurations.
3.3 Effects of Service-Orientation on the Enterprise 39
a standalone
application
automates a
business process
Figure 3.21
The traditional application, delivered to automate specific business process logic.
a service
composition
comprised of
services from
the service
inventory
automates a
business process
service Service
inventory Composition A
Business Process A
Figure 3.22
The service composition, intended to fulfill the role of the traditional application by leveraging agnostic and non-
agnostic services from a service inventory. This essentially establishes a “composite application.”
40 Chapter 3: Understanding Service-Orientation
The application therefore loses its individuality. One could argue that a service-oriented
application actually does not exist because it is, in fact, just one of many service compo-
sitions. However, upon closer reflection, we can see that some of our services (based on
the service models established in Chapter 5) are actually not business process agnostic.
One service, for example, intentionally represents logic that is dedicated to the automa-
tion of just one business task, and therefore not necessarily reusable.
So, single-purpose services can still be associated with the notion of an application.
However, within service-oriented computing, the meaning of this term can change to
reflect the fact that a potentially large portion of the application logic is no longer exclu-
sive to the application.
In the past, integrating something implied connecting two or more applications or pro-
grams that may or may not have been compatible (Figure 3.23). Perhaps they were based
on different technology platforms or maybe they were never designed to connect with
anything outside of their own internal boundary. The increasing need to hook up dis-
parate pieces of software to establish a reliable level of data exchange is what turned
integration into an important, high profile part of the IT industry.
Services designed to be “intrinsically interoperable” are built with the full awareness
that they will need to interact with a potentially large range of service consumers, most
of which will be unknown at the time of their initial delivery. If a significant part of our
enterprise solution logic is represented by an inventory of intrinsically interoperable
services, it empowers us with the freedom to mix and match these services into infinite
composition configurations to fulfill whatever automation requirements come our way.
3.3 Effects of Service-Orientation on the Enterprise 41
Application A Application B
two applications
integrated specifically
to automate a new
business process
Business Process G
Figure 3.23
The traditional integration architecture, comprised of two or more applications
connected in different ways to fulfill a new set of automation requirements (as
dictated by the new Business Process G).
As a result, the concept of integration begins to fade. Exchanging data between dif-
ferent units of solution logic becomes a natural and secondary design characteristic
(Figure 3.24). Again, though, this is something that can only transpire when a sub-
stantial percentage of an organization’s solution logic is represented by a quality ser-
vice inventory. While working toward achieving this environment, there will likely be
many requirements for traditional integration between existing legacy systems but also
between legacy systems and these services.
42 Chapter 3: Understanding Service-Orientation
service Service
inventory Composition G
Business Process G
Figure 3.24
A new combination of services is composed together to fulfill the role of traditional
integrated applications.
service
composition
integrated
applications/solutions/systems
The upcoming sections describe each of these strategic goals and benefits.
strategic goals
44 Chapter 3: Understanding Service-Orientation
Invoice
Project Team A
Project Team B
Timesheet
Project Team C
Invoice Timesheet
Figure 3.27
Services are designed to be intrinsically interoperable regardless of when and for which purpose
they are delivered. In this example, the intrinsic interoperability of the Invoice and Timesheet
services delivered by Project Teams A and B allow them to be combined into a new service
composition by Project Team C.
• Service Loose Coupling (293) – Reducing the degree of service coupling fosters
interoperability by making individual services less dependent on others and
therefore more open for invocation by different service consumers.
• ServiceA bstraction( 294) – Abstracting details about the service limits all interop-
eration to the service contract, increasing the long-term consistency of interoper-
ability by allowing underlying service logic to evolve more independently.
Increased Federation
A federated IT environment is one where resources and applications are united while
maintaining their individual autonomy and self-governance. Service-orientation aims
to increase a federated perspective of an enterprise to whatever extent it is applied. It
accomplishes this through the widespread deployment of standardized and compos-
able services, each of which encapsulates a segment of the enterprise and expresses it in
a consistent manner.
Figure 3.28
Three service contracts establishing
a federated set of endpoints, each
of which encapsulates a different Validate
implementation. Timesheet
Invoice
Timesheet
3.4 Goals and Benefits of Service-Oriented Computing 47
This represents an important state for an enterprise in that it provides the constant free-
dom for an organization to change, extend, and even replace solution implementations
and technology resources without disrupting the overall, federated service architec-
ture. This measure of governance autonomy is attractive because it prolongs the life-
span and increases the financial return of automation solutions.
Figure 3.29
A service composition consisting of three services,
each of which encapsulates a different vendor
automation environment. If service-orientation Validate Java
is adequately applied to the services, underlying Timesheet
disparity will not inhibit their ability to be combined DB2
into effective compositions.
Java .NET
Timesheet
Invoice
SQL
10g
Server
48 Chapter 3: Understanding Service-Orientation
Furthermore, the fact that services are designed to be intrinsically interoperable directly
facilitates business change. As business processes are augmented in response to vari-
ous factors (business climates, new policies, new priorities, etc.) services can be recon-
figured into new compositions that reflect the changed business logic. This allows a
service-oriented technology architecture to evolve in tandem with the business itself.
Increased ROI
Measuring the return on investment (ROI) of automated solutions is a critical factor
in determining just how cost effective a given application or system actually is. The
greater the return, the more an organization benefits from the solution. However, the
lower the return, the more the cost of automated solutions eats away at an organiza-
tion’s budgets and profits.
3.4 Goals and Benefits of Service-Oriented Computing 49
Figure 3.30
Services with business-centric functional
contexts are carefully modeled to express Run Billing
Report
and encapsulate corresponding business
models and logic. Business Process
Definition
Invoice
Invoice
Business Entity
Model
Timesheet
Because the nature of required application logic has increased in complexity and due
to ever-growing, non-federated integration architectures that are difficult to maintain
and evolve, the average IT department represents a significant amount of an organiza-
tion’s operational budget. For many organizations, the financial overhead required by
IT is a primary concern because it often continues to rise without demonstrating any
corresponding increase in business value.
With this benefit in mind, additional up-front expense and effort is invested into every
piece of solution logic to position it as an IT asset for the purpose of repeatable, long-
term financial returns. As shown in Figure 3.31, the emphasis on increasing ROI typi-
cally goes beyond the returns traditionally sought as part of past reuse initiatives. This
has much to do with the fact that service-orientation aims to establish reuse as a com-
mon, secondary characteristic within most services.
50 Chapter 3: Understanding Service-Orientation
traditional
unit of solution 1st 2nd 3rd
logic year year year
x y yx2 yx3
Figure 3.31
An example of the types of formulas being used to calculate ROI for SOA projects. More is invested in
the initial delivery with the goal of benefiting from increased subsequent reuse.
It is important to acknowledge that this goal is not simply tied to the benefits tradition-
ally associated with software reuse. Proven commercial product design techniques are
incorporated and blended with existing enterprise application delivery approaches to
form the basis of a distinct set of service-oriented analysis and design processes (as
covered in the chapters in Part II, Service-Oriented Analysis and Design).
The net result of this fundamental shift in project delivery is heightened responsiveness
and reduced time to market potential, all of which translates into increased organiza-
tional agility.
Cost = x Timesheet
Effort = y Validation
Time = z Solution
time to market
service
inventory
Figure 3.32
The delivery timeline is projected based on the percentage of “net new” solution logic that needs to be
built. Though in this example only 35% of new logic is required, the timeline is reduced by around 50%
because significant effort is still required to incorporate existing, reusable services from the inventory.
52 Chapter 3: Understanding Service-Orientation
NOTE
Organizational agility represents a target state that organizations work toward as they
deliver services and populate service inventories. The organization benefits from increased
responsiveness after a significant amount of services is in place. The processes required to
model and design those services require more upfront cost and effort than building the cor-
responding quantity of solution logic using traditional project delivery approaches.
Reduced IT Burden
Consistently applying service-orientation results in an IT enterprise with reduced waste
and redundancy, reduced size and operational cost (Figure 3.33), and reduced overhead
associated with its governance and evolution. Such an enterprise can benefit an organi-
zation through dramatic increases in efficiency and cost-effectiveness.
Figure 3.33
If you were to take a typical automated enterprise
enterprise and redevelop it entirely with an
inventory of
with custom, normalized services, its integrated
overall size would shrink considerably, applications
resulting in a reduced operational
scope.
the same
enterprise
with an
inventory
of services
In essence, the attainment of the previously described goals can create a leaner, more
agile IT department, one that is less of a burden on the organization and more of an
enabling contributor to its strategic goals.
Increased
Standardized Intrinsic
Service Contract Interoperability
Service
Loose Coupling Increased
Federation
Service
Abstraction
Increased
Vendor
Diversity
Options
Service
Reusability
Increased
Business and
Technology
Alignment
Service
Autonomy
Increased
ROI
Service
Statelessness
Increased
Organizational
Service Agility
Discoverability
Service Reduced
Composability IT Burden
Figure 3.34
The repeated application of service-orientation principles to services that are delivered as part of a collection leads to
a target state based on the manifestation of the strategic goals associated with service-oriented computing.
54 Chapter 3: Understanding Service-Orientation
• Balanced Scope – The extent to which the required levels of Teamwork, Education,
and Discipline need to be realized is represented by a meaningful yet manageable
scope.
The existence of these four pillars is considered essential to any SOA initiative. The
absence of any one of these pillars to a significant extent introduces a major risk factor. If
such an absence is identified in the early planning stages, it can warrant not proceeding
with the project until it has been addressed—or the project’s scope has been reduced.
Teamwork
Whereas traditional silo-based applications require cooperation among
members of individual project teams, the delivery of services and ser-
Teamwork
vice-oriented solutions requires cooperation across multiple project
teams. The scope of the required teamwork is noticeably larger and can
introduce new dynamics, new project roles, and the need to forge and
maintain new relationships among individuals and departments. Those on the overall
SOA team need to trust and rely on each other; otherwise the team will fail.
3.5 Four Pillars of Service-Orientation 55
Education
A key factor to realizing the reliability and trust required by SOA team
members is to ensure that they use a common communications frame-
Education
work based on common vocabulary, definitions, concepts, methods,
and a common understanding of the target state the team is collectively
working to attain. To achieve this common understanding requires
common education, not just in general topics pertaining to service-orientation, SOA,
and service technologies, but also in specific principles, patterns, and practices, as well
as established standards, policies, and methodology specific to the organization.
Discipline
A critical success factor for any SOA initiative is consistency in how
knowledge and practices among a cooperative team are used and
Discipline
applied. To be successful as a whole, team members must therefore be
disciplined in how they apply their knowledge and in how they carry
out their respective roles. Required measures of discipline are com-
monly expressed in methodology, modeling, and design standards, as well as gover-
nance precepts. Even with the best intentions, an educated and cooperative team will
fail without discipline.
Balanced Scope
So far we’ve established that we need:
In some IT enterprises, especially those with a long history of building silo-based appli-
cations, achieving these qualities can be challenging. Cultural, political, and various
other forms of organizational issues can arise to make it difficult to attain the necessary
organizational changes required by these three pillars. How then can they be realisti-
cally achieved? It all comes down to defi ning a balanced scope of adoption.
NOTE
The concept of a balanced scope corresponds directly to the following guideline in the
SOA Manifesto:
“The scope of SOA adoption can vary. Keep efforts manageable and within meaningful
boundaries.”
See Appendix D for the complete SOA Manifesto and the Annotated SOA Manifesto.
Once a balanced scope of adoption has been defined, this scope determines the extent
to which the other three pillars need to be established. Conversely, the extent to which
you can realize the other three pillars will influence how you determine the scope
(Figure 3.35).
• Cultural obstacles
• Authority structures
• Geography
• Available IT resources
3.5 Four Pillars of Service-Orientation 57
Figure 3.35
The Balanced Scope pillar
encompasses and sets the scope
at which the other three pillars are
applied for a given adoption effort.
Teamwork
Education Discipline
Balanced Scope
A single organization can choose one or more balanced adoption scopes (Figure 3.36).
Having multiple scopes results in a domain-based approach to adoption. Each domain
establishes a boundary for an inventory of services. Among domains, adoption of
service-orientation and the delivery of services can occur independently. This does not
result in application silos; it establishes meaningful service domains (also known as
“continents of services”) within the IT enterprise.
SOA PATTERNS
The domain service inventory originated with the Domain Inventory [338]
pattern, which is an alternative to the Enterprise Inventory [340] pattern.
58 Chapter 3: Understanding Service-Orientation
IT enterprise
Teamwork Teamwork
Teamwork
Education Discipline
Balanced Scope
Figure 3.36
Multiple balanced scopes can exist within the same IT enterprise. Each represents a separate domain service
inventory that is independently standardized, owned, and governed.
Chapter 4
Understanding SOA
Introduction to SOA
4.1 The Four Characteristics of SOA
4.2 The Four Common Types of SOA
4.3 The End Result of Service-Orientation and SOA
4.4 SOA Project and Lifecycle Stages
T he focus of this chapter is to establish the link between service-orientation and
technology architecture, establish distinct SOA characteristics and types, and raise
key project delivery considerations.
NOTE
Several of the upcoming sections make reference to clouds and cloud computing in
general. If you are new to cloud computing, you can find introductory content at www.
whatiscloud.com and cloud computing patterns at www.cloudpatterns.org . More compre-
hensive coverage is provided in the Cloud Computing: Concepts, Technology & Architecture
and Cloud Computing Design Patterns titles that are part of the Prentice Hall Service Tech-
nology Series from Thomas Erl.
Introduction to SOA
Let’s briefly recap some of the topics covered in Chapter 3 to clearly establish how they
relate to each other and how they specifically lead to a definition of SOA:
In other words:
NOTE
As we explore each of these characteristics individually, keep in mind that in real-world
implementations the extent to which these characteristics can be attained will likely vary.
Business-Driven
Technology architectures are commonly designed in support of solutions delivered to
fulfill tactical (short-term) business requirements. Because the over-arching, strategic
(long-term) business goals of the organization aren’t taken into consideration when
the architecture is defined, this approach can result in a technical environment that,
over time, becomes out of alignment with the organization’s business direction and
requirements.
62 Chapter 4: Understanding SOA
year 1
Business Technology
Architecture A Architecture A
year 2
Business Technology
Architecture A Architecture A
year 3
Business Technology
Architecture A Architecture A
year 4
Business Technology
Architecture A Architecture B
Figure 4.1
A technology architecture (A) is often delivered in alignment with the current state of a business but can be incapable of
changing in alignment with how the business evolves. As business and technology architectures become increasingly
out of sync, business requirement fulfillment decreases, often to the point that a whole new technology architecture (B)
is needed, which effectively resets this cycle.
year 1
Business Technology
Architecture A Architecture A
year 2
Business Technology
Architecture A Architecture A
year 3
Business Technology
Architecture A Architecture A
year 4
Business Technology
Architecture A Architecture A
Figure 4.2
By defining a strategic, business-centric scope to the technology architecture, it can be kept in constant sync
with how the business evolves over time.
Vendor-Neutral
Designing a service-oriented technology architecture around one particular vendor
platform can lead to an implementation that inadvertently inherits proprietary charac-
teristics. This can end up inhibiting the future evolution of an inventory architecture in
response to technology innovations that become available from other vendors.
Technology Technology
Architecture Architecture
Vendor A A Vendor A A
Architecture Architecture
years 1-3
Architecture Architecture Architecture Architecture
Vendor A Vendor A
Architecture Architecture
year 4
Technology Technology
Architecture Architecture
B B
Figure 4.3
Vendor-centric technology architectures are often bound to corresponding vendor platform roadmaps. This can
reduce opportunities to leverage technology innovations provided by other vendor platforms and can result in
the need to eventually replace the architecture entirely with a new vendor implementation (which starts the cycle
over again).
4.1 The Four Characteristics of SOA 65
Technology
Architecture
Vendor A Vendor A A
Architecture Architecture
years 1-3
Architecture Architecture Architecture Architecture
Arc
chit
hitec
ect
ctture
ure
Technology
Architecture
A
Vendor A Vendor A
Architecture Architecture
Architecture
A
Technology
Architecture
A
Figure 4.4
If the architectural model is designed to be and remain neutral to vendor platforms, it maintains the freedom to
diversify its implementation by leveraging multiple vendor technology innovations. This increases the longevity of the
architecture as it is allowed to augment and evolve in response to changing requirements.
66 Chapter 4: Understanding SOA
NOTE
Just because an architecture is classified as vendor-neutral doesn’t mean it is also aligned
with current vendor technology. Some models produced by independent efforts are out of
synch with the manner in which mainstream SOA technology exists today and is expected
to evolve in the future and can therefore be just as inhibitive as vendor-specific models.
Enterprise-Centric
The fact that service-oriented solutions are based on a distributed architecture doesn’t
mean that there still isn’t the constant danger of creating new silos within an enterprise
when building poorly designed services, as illustrated in Figure 4.5.
Enterprise A
Figure 4.5
Single-purpose services delivered to automate specific business processes can end up establishing
silos within the enterprise.
Essentially, the body of logic is classified as a resource of the enterprise. This does not
necessarily make it an enterprise-wide resource or one that must be used throughout an
entire technical environment. An enterprise resource is simply logic positioned as an IT
asset; an extension of the enterprise that does not belong solely to any one application
or solution.
SOA PATTERNS
Service Inventory A
Enterprise A
Figure 4.6
When services are positioned as enterprise resources, they no longer create or reside in silos. Instead
they are made available to a broader scope of utilization by being part of a service inventory.
68 Chapter 4: Understanding SOA
Composition-Centric
More so than in previous distributed computing paradigms, service-orientation places
an emphasis on designing software programs as not just reusable resources, but as flex-
ible resources that can be plugged into different aggregate structures for a variety of
service-oriented solutions.
Service Inventory A
Figure 4.7
Services within the same service inventory are composed into different configurations.
The highlighted service is reused by multiple compositions to automate different business
processes.
4.1 The Four Characteristics of SOA 69
Design Priorities
A valuable perspective of how service-orientation relates to SOA and of how the for-
malization of this relationship results in a set of design priorities was provided by the
publication of the “SOA Manifesto.” Have a look at the following excerpt:
That is, while we value the items on the right, we value the items on the left more.
It is evident how these design priorities are directly supported by the service-orientation
design paradigm and the service-oriented architectural model. This is further explored
in the “Annotated SOA Manifesto” that was published at www.soa-manifesto.com and
is also provided in Appendix D of this book.
70 Chapter 4: Understanding SOA
To better understand the basic mechanics of SOA, we now need to study the com-
mon types of technology architectures that exist within a typical service-oriented
environment:
SOA PATTERNS
Architecture types are closely related to SOA patterns. Note how each pat-
tern profile table in Appendix C contains a field dedicated to showing related
architectures.
middleware) that then form the foundation of service and composition architectures
implemented within an inventory’s boundary.
The following section explores the architecture types individually and concludes by
highlighting links between these characteristics and common SOA design priorities.
Figure 4.8
The layered SOA model
Service-Oriented
establishes the four common Enterprise
SOA types: service architecture,
service composition architecture,
Service
service inventory architecture, Inventory
and service-oriented enterprise
architecture.
Service
Composition
Service
Service Architecture
A technology architecture limited to the physical design of a software program designed
as a service is referred to as the service architecture. This form of technology architecture
is comparable in scope to a component architecture, except that it will typically rely on a
greater amount of infrastructure extensions to support its need for increased reliability,
performance, scalability, behavioral predictability, and especially its need for increased
autonomy. The scope of a service architecture will also tend to be larger because a ser-
vice can, among other things, encompass multiple components (Figure 4.9).
Whereas it was not always that common to document a separate architecture for a com-
ponent in traditional distributed applications, the importance of producing services
that need to exist as independent and highly self-sufficient and self-contained software
programs requires that each be individually designed.
72 Chapter 4: Understanding SOA
message
Accounts Service
processing
logic
Config.xml
core
service
logic
state Identity Store
repository
legacy APIs
shared databases
one-way replication
Figure 4.9
An example of a high-level service architecture view for the Accounts service, depicting the parts of the surrounding
infrastructure utilized to fulfill the functional requirements of all capabilities. Additional views can be created to show
only those architectural elements related to the processing of specific capabilities. Further detail, such as data flow and
security requirements, would normally also be included.
4.2 The Four Common Types of SOA 73
service
custodian SLA
service registry
profile record
processing
message
core
g
i
Accounts.wsdl
logic
service
l i
logic
Client.xsd
Invoice.xsd
Figure 4.10
The custodian of the Accounts service intentionally limits access to architecture documentation. As a result,
service consumer designers are only privy to published service contract documents.
The application of design standards and other service-orientation design principles fur-
ther affects the depth and detail to which a service’s technology architecture may need
to be defined (Figure 4.11). For example, implementation considerations raised by the
Service Autonomy (297) and Service Statelessness (298) principles can require a service
architecture to extend deeply into its surrounding infrastructure by defining exactly
74 Chapter 4: Understanding SOA
Accounts Service
Standardized
Service Contract
endpoint Service
design message Loose Coupling
standards processing
logic
Service
Discoverability
communication
technology
core Service
application service Reusability
design logic
standards
Service
Autonomy
technology,
modeling
Service
Statelessness
data
design
standards
replicated
data
Figure 4.11
Custom design standards and service-orientation design principles are applied to establish a specific
set of design characteristics within the Accounts service architecture.
A central part of a service architecture is typically its API. Following standard service-
oriented design processes, the service contract is generally the first part of a service to
be physically delivered. The capabilities expressed by the contract further dictate the
scope and nature of its underlying logic and the processing requirements that will need
to be supported by its implementation (Figure 4.12).
4.2 The Four Common Types of SOA 75
Accounts.xsd
<complexType>
...
...
</complexType>
Accounts.wsdl
<operation>
Accounts ...
... B
</operation>
Add
Remove <operation>
...
... B
</operation> C
A
Invoice.xsd
Client.xsd
<complexType> <complexType>
... ...
... ...
</complexType> </complexType>
Figure 4.12
The service contract is a fundamental part of the Accounts service architecture. Its definition gives the service a
public identity and helps express its functional scope. Specifically, the WSDL document (A) expresses operations
that correspond to segments of functionality (B) within the underlying Accounts service logic. The logic, in
turn, accesses other resources in the enterprise to carry out those functions (C). To accomplish this, the WSDL
document provides data exchange definitions via input and output message types established in separate XML
schema documents (D).
76 Chapter 4: Understanding SOA
This is why some consideration is given to implementation during the service modeling
phase. The details documented during this analysis stage are carried forth into design,
and much of this information can make its way into the official architecture definition.
NOTE
Many organizations use standard service profile documents to collect and maintain informa-
tion about a service throughout its lifespan. Chapter 15 of SOA: Principles of Service Design
explains the service profile document and provides a sample template.
SOA PATTERNS
Within a service architecture the specific agent programs may be identified along with
runtime information as to how message contents are processed or even altered by agent
involvement. Service agents may themselves also have architecture specifications that
can be referenced by the service architecture (Figure 4.13).
A key aspect of any service architecture is the fact that the functionality offered by a
service resides within one or more individual capabilities. This often requires the archi-
tecture definition itself to be taken to the capability level.
Each service capability encapsulates its own piece of logic. Some of this logic may be
custom-developed for the service, whereas other capabilities may need to access one or
more legacy resources. Therefore, individual capabilities end up with their own, indi-
vidual designs that may need to be so detailed that they are documented as separate
“capability architectures.” However, all relate back to the parent service architecture.
4.2 The Four Common Types of SOA 77
authentication
decryption
encryption
header processing
Accounts Service
validation
conversion
retrieval of
supplemental data
Figure 4.13
A variety of service agents are part of the Accounts service architecture. Some
perform general processing of all data whereas others are specific to input or output
data flow.
Accounts
Add
4
1
2 3
Client Invoice
Get Get
Figure 4.14
The Accounts service composition from a modeling perspective. The numbered arrows indicate
the sequence of data flow and service interaction required for the Add capability to compose
capabilities within the Client and Invoice services.
NOTE
Standard composition terminology defines two basic roles that services can assume
within a composition. The service responsible for composing others takes on the role
of composition controller, whereas composed services are referred to as composition
members.
Accounts Accounts
.wsdl .xsd
Accounts Service
message
processing
logic
Config.xml
message message
Invoice Service
Client Service
processing processing
logic logic
Client Invoice
.wsdl .wsdl
Client Invoice
.xsd .xsd
Figure 4.15
The same Accounts service composition from Figure 4.14 viewed from a physical
architecture perspective illustrating how each composition member’s underlying
resources provide the functionality required to automate the process logic represented
by the Accounts service’s Add capability.
80 Chapter 4: Understanding SOA
Common Invoice
.xsd .xsd
Accounts Service
Service
Invoice Service
IInvoice
nvoic
ce
processing
..wsdl
wsdl
message
core
logic
service
logic
Accounts Accounts
.wsdl .xsd
Client Service
ervice
Client Client
ent
.wsdl .xsd
sd
Figure 4.16
The physical service architecture view from Figure 4.15 is not available to the designer of the Accounts service.
Instead, only the information published in the contracts for the Invoice and Client services can be accessed.
4.2 The Four Common Types of SOA 81
Annual Reports
Revenue
1
2
10
3 5
4
Commissions AP Accounts
6 8
7 9
Client Invoice
Figure 4.17
The Accounts service finds itself nested within the larger Annual Reports composition that composes the
Accounts Get History capability which, in turn, composes capabilities within the Client and Invoice services.
82 Chapter 4: Understanding SOA
Service composition architectures are much more than just an accumulation of individ-
ual service architectures (or contracts). A newly created composition is usually accom-
panied by a non-agnostic task service that is positioned as the composition controller.
The details of this service are less private, and its design is an integral part of the archi-
tecture because it provides the composition logic to invoke and interact with all identi-
fied composition members.
Furthermore, the business process the service is required to automate may involve
the need for composition logic capable of dealing with multiple runtime scenarios
(exception-related or otherwise), each of which may result in a different composition
configuration. These scenarios and their related service activities and message paths
are a common part of composition designs. They need to be understood and mapped
out in advance so that the composition logic is fully prepared to deal with the range of
runtime situations it may need to face (Figure 4.18).
Annual Reports
Revenue
1
2
3 5
AP Commissions Notifications
Figure 4.18
A given business process may need to be automated by a range of service compositions in order to
accommodate different runtime scenarios. In this case, alternative composition logic within the Annual
Report’s Revenue capability kicks in to deal with an exception condition. As a result, the Notifications
service is invoked prior to the Accounts service even being included in the composition.
4.2 The Four Common Types of SOA 83
Finally, the composition will rely on the activity management abilities of the under-
lying runtime environment responsible for hosting the composition members. Security,
transaction management, reliable messaging, and other infrastructure extensions, such
as support for sophisticated message routing, may all find their way into a composition
architecture specification.
SOA PATTERNS
The result is that though often classified as a service-oriented architecture, many of the
traditional challenges associated with design disparity, transformation, and integration
continue to emerge and undermine strategic service-oriented computing goals.
SOA PATTERNS
The scope and boundary of a service inventory architecture can vary, as per the
Enterprise Inventory [340] and Domain Inventory [338] patterns.
84 Chapter 4: Understanding SOA
Ideally, the service inventory is first conceptually modeled, leading to the creation of a
service inventory blueprint. It is often this blueprint that ends up defining the required
scope of the architecture type referred to as a service inventory architecture (Figure 4.19).
service
rvice inven
inventory
ent
ntor
orry
Annual Reports
Revenue
1
2
10
3 5
4
Commissions AP Accounts
6 8
7 9
Client Invoice
Figure 4.19
Ultimately, the services within an inventory can be composed and recomposed, as represented by different
composition architectures. To that end, many of the design patterns in this book need to be consistently applied
within the boundary of the service inventory.
4.2 The Four Common Types of SOA 85
SOA PATTERNS
SOA PATTERNS
The Inventory Endpoint [346] pattern can play a key role when designing service
inventory environments with external communication requirements.
NOTE
This section is focused on technology architecture. However, it is worth pointing out that a
“complete” service-oriented enterprise architecture would encompass both the technology
and business architecture of an enterprise (much like traditional enterprise architecture).
The IT industry has been through the cycle depicted in Figure 4.20 many times. Each
iteration has brought about change and generally an increase in the sophistication and
complexity of technology platforms.
4.3 The End Result of Service-Orientation and SOA 87
Business IT
Community Community
Automation Systems,
Technology Innovation
Figure 4.20
The endless progress cycle establishes the dynamics between the business and IT communities.
Sometimes a series of iterations through this progress cycle leads to a foundational shift
in the overall approach to automation and computing itself. The emergence of major
platforms and frameworks, such as object-orientation and enterprise application inte-
gration, are examples of this. Significant changes like these represent an accumulation
of technologies and methods and can therefore be considered landmarks in the evolu-
tion of IT itself. Each also results in the formation of distinct technology architecture
requirements.
It is the target state resulting from the attainment of these strategic goals that an adop-
tion of service-orientation attempts to achieve. In other words, they represent the
desired end result of applying the method of service-orientation.
88 Chapter 4: Understanding SOA
How then does this relate to service-oriented technology architecture? Figure 4.21 hints
at how the pursuit of these specific goals results in a series of impacts onto all architec-
ture types brought upon by the application of service-orientation.
Increased
Increased Intrinsic Increased
Federation Interoperability ROI
Reduced
IT Burden
Increased Increased
Increased
Vendor Business and
Organizational
Diversity Technology
Agility
Options Alignment
impact of service-orientation
Figure 4.21
The common strategic goals and benefits of service-oriented computing are realized through the
application of service-orientation. This, in turn, impacts the demands and requirements placed upon
the four types of service-oriented technology architectures. (Note that the three goals on the right
represent the ultimate target benefits sought in a typical SOA initiative.)
4.3 The End Result of Service-Orientation and SOA 89
NOTE
For those of you interested in how each of the strategic goals specifically influences the four
types of service-oriented architecture, Chapter 23 in SOA Design Patterns documents the
individual impacts.
Change
Business IT
Community SOA Community
Change
Figure 4.22
Service-oriented technology architecture supports the two-way dynamic between business and IT
communities, allowing each to introduce or accommodate change throughout an endless cycle.
90 Chapter 4: Understanding SOA
Figure 4.23
The strategic goals of Service-
Oriented
service-oriented computing Computing
represent a target state that Goals
Su
t
can be achieved through p or pp
a method provided by S up or
t
service-orientation. The
successful application of
service-orientation principles
Service-Orientation SOA
and supporting SOA design Design Principles Design
patterns helps to shape Support Patterns
and define requirements for
different types of service-
oriented architectures, He ze
resulting in an IT automation
lp ali
Re
ali Re
model that is designed to lp
ze He
fully support the two-way
cycle of change through
which business and IT
communities continually
transition. SOA
Change
Business IT
Community SOA Community
Change
4.4 SOA Project and Lifecycle Stages 91
NOTE
This section provides a good transition to Chapter 5, which explores service definition as a
foundational part of the service-oriented analysis project stage, and Chapters 6 to 9, which
further delve into the service-oriented analysis stage and then cover considerations pertain-
ing to the service-oriented design project stage.
As shown in Figure 4.24, each approach has its own benefits and consequences. Whereas
the bottom-up strategy avoids the extra cost, effort, and time required to deliver services
via a top-down approach, it ends up imposing increased governance burden because
bottom-up delivered services tend to have shorter lifespans and require more frequent
maintenance and refactoring.
The top-down strategy demands more of an initial investment because it introduces an
upfront analysis stage focused on the creation of the service inventory blueprint. A col-
lection of service candidates are individually defined as part of this blueprint to ensure
that subsequent service designs will be highly normalized, standardized, and aligned.
NOTE
A top-down strategy needs to be applied to an extent to meaningfully carry out the service-
oriented analysis and service-oriented design stages covered in Chapters 6 to 9. The
scope of this effort is determined by the scope of the planned service inventory, as per the
Balanced Scope pillar covered in Chapter 3.
92 Chapter 4: Understanding SOA
4.4 SOA Project and Lifecycle Stages
Figure 4.24
Generally, the less time and effort spent on the upfront service analysis, the greater the ongoing, post-deployment
governance burden. The approach on the left is comparable with bottom-up service delivery and the approach
93
on the right is more akin to top-down delivery. SOA methodologies that attempt to combine elements of both
approaches also exist.
94 Chapter 4: Understanding SOA
Service
Usage
and
Monitoring
Figure 4.25
Common stages associated with SOA projects. Note the Service
distinction between SOA project stages, service delivery Discovery
There are two primary analysis phases in a typical SOA project: the analysis of indi-
vidual services in relation to business process automation, and the collective analysis of
a service inventory. The service-oriented analysis phase is dedicated to producing con-
ceptual service definitions (service candidates) as part of the functional decomposition
of business process logic. The service inventory analysis establishes a cycle whereby the
service-oriented analysis process is carried out iteratively (together with other business
processes) to whatever extent a top-down (strategic) approach is followed.
• Timeline for the completion of milestones and the overall adoption effort
• Governance system
• Management system
• Methodology
• Risk assessment
As individual service candidates are identified, they are assigned appropriate func-
tional contexts in relation to each other. This ensures that services (within the service
inventory boundary) are normalized so that they don’t functionally overlap. As a result,
service reuse is maximized and the separation of concerns is cleanly carried out. A pri-
mary deliverable produced during this stage is the service inventory blueprint.
The scope of the initiative and the size of the target service inventory tend to deter-
mine the amount of upfront effort required to create a complete service inventory blue-
print. More upfront analysis results in a better defined conceptual blueprint, which is
intended to lead to the creation of a better quality inventory of services. Less upfront
analysis leads to partial or less well-defi ned service inventory blueprints.
Perform Define
Service-Oriented Technology
Analysis Architecture
Define
Service
Inventory
Blueprint
4.4 SOA Project and Lifecycle Stages 97
• Define Service Inventory Blueprint – After an initial definition that establishes the
scope and structure of the planned service inventory, this blueprint acts as the
master specification wherein modeled service candidates are documented.
The service inventory blueprint is incrementally defi ned as a result of repeated itera-
tions of steps that include the service-oriented analysis.
NOTE
The scope of the service inventory analysis stage and the resulting service inventory
blueprint directly relates to the Balanced Scope consideration explained in the The Four
Pillars of Service-Orientation section in Chapter 3, as well as the possible application of the
Domain Inventory [338] pattern.
Service-oriented analysis represents one of the early stages in an SOA initiative and
the first phase in the service delivery cycle (Figure 4.27). It is a process that begins with
preparatory information-gathering steps completed in support of a service modeling
subprocess.
Define
Enterprise
Business
Models
Perform Define
Service-Oriented Technology
Analysis Architecture
Step 1
Define Define
Analysis Service
Scope Inventory
Blueprint
Step 2
Identify
Automation
Systems
Step 3
Model
Candidate
Services
Figure 4.27
A generic service-oriented analysis process in which the first two steps collect information in
preparation for a detailed service modeling subprocess represented by the Model Candidate
Services step.
4.4 SOA Project and Lifecycle Stages 99
The service-oriented analysis process is generally carried out iteratively, once for each
business process. Typically, the delivery of a service inventory determines a scope that
represents a meaningful domain of the enterprise (as per the Balanced Scope pillar
discussed in Chapter 3), or even the enterprise as a whole. All iterations of the service-
oriented analysis then pertain to that scope, with each iteration contributing to the ser-
vice inventory blueprint.
Steps 1 and 2 essentially represent information-gathering tasks that are carried out in
preparation for the modeling process performed in Step 3.
The details of how Web services or REST services relate to existing systems are ironed
out in the service-oriented design phase. For now, this information will be used to help
identify utility service candidates during the service modeling process.
Note that this step is tailored toward supporting the modeling efforts of larger-scaled
service-oriented solutions. An understanding of affected legacy environments is still
useful when modeling a smaller amount of services, which does not require substantial
research efforts.
100 Chapter 4: Understanding SOA
NOTE
Chapters 6 and 7 provide service modeling processes for Web services and REST
services, respectively.
A key success factor of the service-oriented analysis process is the hands-on collabora-
tion of both business analysts and technology architects (Figure 4.28). The former group
is especially involved in the definition of service candidates within a business-centric
functional context because they understand the business processes used as input for
the analysis and because service-orientation aims to align business and IT more closely.
Figure 4.28
A look at how the collaboration between business analysts and technology architects changes with SOA projects. While
the depicted collaborative relationship between business analysts and architects may not be unique to an SOA project,
the nature and scope of the analysis process are.
4.4 SOA Project and Lifecycle Stages 101
Auto-
Generate
Import
Figure 4.29
Unlike the popular process of deriving Web service contracts from existing
components, SOA advocates a specific approach that encourages us to postpone
development until after a custom designed, standardized contract is in place.
The typical starting point for the service-oriented design process is a service candi-
date that was produced as a result of completing all required iterations of the service-
oriented analysis process (Figure 4.30). Service-oriented design subjects this service
candidate to additional considerations that shape it into a technical service contract in
alignment with other service contracts being produced for the same service inventory.
Perform Define
Service-Oriented Technology
Analysis Architecture
Define
Service
Inventory
Blueprint
Step 1
Perform
Design
Service-Oriented
Entity Services
Design
Step 2
Design
Utility Services
Step 3
Design
Microservices
*
Step 4
Task
Services
4.4 SOA Project and Lifecycle Stages 103
How service logic is designed is dictated by the business automation requirements that
need to be fulfilled by the service. With service-oriented solutions, a given service may
be able to address business requirements individually or, more commonly, as part of a
service composition.
Service Development
After all design specifications have been completed, the actual programming of the ser-
vice can begin. Because the service architecture will already have been well-defined as
a result of the previous stages and the involvement of custom design standards, service
developers will generally have clear direction as to how to build the various parts of the
service architecture.
Service Testing
Services need to undergo the same types of testing and quality assurance cycles as
traditional custom-developed applications. However, new requirements introduce the
need for additional testing methods and effort. For example, to support the realization
of the Service Composability (302) principle, newly delivered services need to be tested
individually and as part of service compositions. Agnostic services that provide reus-
able logic especially require rigorous testing to ensure that they are ready for repeated
usage (both concurrently as part of the same service compositions and by different
service compositions).
104 Chapter 4: Understanding SOA
• Are there any security considerations specific to public clouds that need to be
taken into account?
• How well do service contract documents communicate the functional scope and
capabilities of a service?
• How effective are the validation rules within the service contract and within the
service logic?
• Have all possible service activities and service compositions been mapped out?
• For service compositions that span on-premise and cloud environments, is the
performance and behavior consistent and reliable?
Because services are positioned as IT assets with runtime usage requirements compa-
rable to commercial software products, similar quality assurance processes are gener-
ally required.
4.4 SOA Project and Lifecycle Stages 105
• Distributed components
Service maintenance refers to upgrades or changes that need to be made to the deploy-
ment environment, either as part of the initial implementation or subsequently. It does
not pertain to changes that need to be made to the service contract or the service logic,
nor does it relate to any changes that need to be made as part of the environment that
would constitute a new version of the service.
Special considerations regarding this stage apply to cloud-based services, such as:
• The cloud service may be hosted by virtualized IT resources that are further
hosted by physical IT resources shared by multiple cloud consumer organizations.
• The cloud service usage may be monitored not only for performance, but also for
billing purposes when its implementation is based on a per-usage fee license.
• The elasticity of the cloud service may be configured to allow for limited or
unlimited scalability, thereby increasing the range of behavior (and changing its
usage thresholds) when compared to an on-premise implementation.
This phase is often not documented separately, as it is not directly related to service
delivery or projects responsible for delivering or altering services. It is noted in this
book because while active and in use, a service can be subject to various governance
considerations.
Service Discovery
To ensure that reusable services are consistently reused, project teams carry out a sepa-
rate and explicitly defined service discovery process. The primary goal of this process
is to identify one or more existing agnostic services (such as utility or entity services)
within a given service inventory that can fulfill generic requirements for whatever busi-
ness process the project team is tasked with automating.
can be carried out with minimal impact and disruption to service consumers that have
already formed dependencies on the service, a formal service versioning process needs
to be in place.
There are different versioning strategies, each of which introduces its own set of rules
and priorities when it comes to managing the backward and forward compatibilities
of services. (Chapter 10 provides fundamental coverage of common service versioning
approaches for Web services and REST services.)
Service
Inventory
Analysis
Service
Service-Oriented Analyst
Analysis
(Service Modeling) SOA
Governance
Specialist
Service-Oriented
Design
(Service Contract)
Service
Enterprise
Architect
Design
Standards
Custodian
Service
SOA
Enterprise Security
Service Architect Specialist
Development Schema
Service Custodian
Developer
4.4 SOA Project and Lifecycle Stages
Service
Testing Policy
Custodian
Technical
Service Communications SOA
Administrator Specialist Quality
Service Assurance
Deployment Specialist
and
Maintenance
Cloud
Service Resource
Usage Administrator
and
Monitoring
Service
Custodian
Service
Discovery
Service
Registry
Custodian
Service
Versioning
and
Retirement
Figure 4.31
Shown here are common associations of organizational roles with different SOA project stages.
109
This page intentionally left blank
Chapter 5
The upcoming sections explore this topic area by focusing on a series of primitive pro-
cess steps, as they are applied to the early stages of service modeling and subsequent
service design (Figure 5.1).
Figure 5.1
A primitive service modeling process Functional
Decomposition
that results in the definition of candidate
services and capabilities.
Service
Encapsulation
Agnostic Non-Agnostic
Context Context
Entity Utility
Abstraction Abstraction
5.1 Introduction to Service Layers 113
• Task Service – A service with a non-agnostic functional context that generally cor-
responds to single-purpose, parent business process logic. A task service will usu-
ally encapsulate the composition logic required to compose several other services
to complete its task.
• Microservice – A non-agnostic service often with a small functional scope
encompassing logic with specific processing and implementation requirements.
Microservice logic is typically not reusable but can have intra-solution reuse
potential. The nature of the logic may vary.
• Entity Service – A reusable service with an agnostic functional context associated
with one or more related business entities (such as invoice, customer, or claim).
For example, a Purchase Order service has a functional context associated with
the processing of purchase order-related data and logic.
NOTE
A variation of the task service model called the orchestrated task service performs the same
overall function as a task service, but is typically responsible for encompassing extensive
orchestration logic, which can involve distinct technologies and middleware. Orchestrated
task services are not covered in this book.
A given service inventory will usually contain multiple services that are grouped based
on each of these service models. Each of these groupings is referred to as a service layer
(Figure 5.2).
task service
layer
non-agnostic
microservice
layer
entity service
layer
agnostic
utility service
layer
Figure 5.2
The common service layers, each of which is based on a service model.
5.2 Breaking Down the Business Problem 115
Functional Decomposition
The separation of concerns theory is based on an established software engineering prin-
ciple that promotes the decomposition of a larger problem into smaller problems (called
“concerns”) for which corresponding units of solution logic can be built. The rationale
is that a larger problem, such as the execution of a business process, can be more easily
and effectively solved when separated into smaller parts. Each unit of solution logic that
is built exists as a separate body of logic that is responsible for solving one or more of
the identified smaller concerns (Figure 5.3). This design approach forms the basis for
distributed computing.
116 Chapter 5: Understanding Layers with Services and Microservices
Large Problem A
can be
decomposed
a collection of related
into
smaller problems (concerns)
Large Problem A
solve
a collection of related
can units of solution logic
alternatively
be designed as
when applying the separation of concerns the larger problem is decomposed into a set of
concerns and the corresponding solution logic is decomposed into smaller units
Figure 5.3
A larger problem is decomposed into multiple, smaller problems. Later steps focus on the definition of solution logic
units that individually address these smaller problems.
Service Encapsulation
When assessing the individual units of solution logic that are required to solve a larger
problem, we may realize that only a subset of the logic is suitable for encapsulation
within services. During the service encapsulation step, we identify the parts of the logic
required that are suitable for encapsulation by services (Figure 5.4).
5.2 Breaking Down the Business Problem 117
decomposed problems
(concerns) that
collectively represent
Large Problem A
Service
Encapsulation
Figure 5.4
Some of the decomposed solution logic is identified as being not suitable for service encapsulation.
The highlighted blocks represent logic that is deemed suitable for encapsulation by services.
Agnostic Context
After the initial decomposition of solution logic, we will typically end up with a series
of solution logic units that correspond to specific concerns. Although some of this logic
may be capable of solving other concerns, grouping single-purpose and multipurpose
logic together prevents us from being able to realize any potential reuse. By identifying
the parts of this logic that are not specific to known concerns, we are able to separate
and reorganize the appropriate logic into a set of agnostic contexts (Figure 5.5).
118 Chapter 5: Understanding Layers with Services and Microservices
Figure 5.5
Decomposed units of solution logic will naturally be designed to solve concerns specific to a single, larger
problem. Solution Logic Units 1, 3, and 6 represent logic that contains multipurpose functionality trapped
within a single-purpose (single concern) context. This step results in a subset of the solution logic being
further decomposed and distributed into services with specific agnostic contexts.
5.2 Breaking Down the Business Problem 119
Agnostic Capability
Within each agnostic service context, the logic is further organized into a set of agnostic
service capabilities. It is, in fact, the service capabilities that address individual con-
cerns. Because they are agnostic, the capabilities are multipurpose and can be reused to
solve multiple concerns (Figure 5.6).
Context A
Agnostic
Capability
Context A
different large
problems
Figure 5.6
A set of agnostic service capabilities is defined, each capable of solving a common concern.
120 Chapter 5: Understanding Layers with Services and Microservices
Utility Abstraction
The next step is to separate common, cross-cutting functionality that is neither specific
to a business process nor a business entity. This establishes a specialized agnostic func-
tional context limited to logic that corresponds to the utility service model. Repeating
this step within a service inventory can result in the creation of multiple utility service
candidates and, consequently, a logical utility service layer (Figure 5.7).
Agnostic
Context
Capability A
Capability B
Capability C
Utility
Abstraction
utility service
layer
service inventory
Agnostic
Utility Context
Capability A
Capability B
Capability C
Figure 5.7
Utility-centric agnostic service logic is organized into a utility service layer.
5.2 Breaking Down the Business Problem 121
Entity Abstraction
Every organization has business entities that represent key artifacts relevant to how
operational activities are carried out. This step is focused on shaping the functional
context of a service so that it is limited to logic that pertains to one or more related busi-
ness entities. As with utility abstraction, repeating this step tends to establish its own
logical service layer (Figure 5.8).
Agnostic
Context
Capability A
Capability B
Capability C
service inventory
Agnostic
Entity Context
Capability A
Capability B
Capability C
Figure 5.8
Entity-centric agnostic service logic is organized into an entity service layer.
122 Chapter 5: Understanding Layers with Services and Microservices
Non-Agnostic Context
The fundamental service identification and definition effort detailed so far has focused
on the separation of multipurpose, or agnostic, service logic. What remains after the
multipurpose logic has been separated is logic that is specific to the business process.
Because this logic is considered single-purpose in nature, it is classified as non-agnostic
(Figure 5.9).
Context C Context D
Non-Agnostic
Context
Context E
non-agnostic logic
encapsulated by
a non-agnostic
service context
5.2 Breaking Down the Business Problem 123
Context E
microservice
layer
Micro Task
Abstraction
service inventory
Non-Agnostic
Micro Task Context
Capability A
Figure 5.10
Select non-agnostic logic is separated into microservice candidates.
Business
Process A
Process
Abstraction
task service
layer
Non-Agnostic microservice
Task Context layer
entity service
Capability A layer
utility service
layer
Figure 5.11
The task service represents a part of a parent service layer and is responsible for encapsulating the remaining
logic specific to the parent business process.
This dynamic is illustrated in Figure 5.12, where we can see how the collective applica-
tion of service-orientation principles shapes software programs into services that are
essentially “composition-ready,” meaning they are interoperable, compatible, and com-
posable with other services belonging to the same service inventory.
5.3 Building Up the Service-Oriented Solution 125
Standardized
Service Contract
Service
Loose Coupling
Service
Abstraction
Service
Reusability
A service
composition
Service
Autonomy
A
Composition X
Service
A
Statelessness
A
Service
Discoverability Composition Y
service
recomposition
Service
Composability
Figure 5.12
Service A (middle) is a software program shaped into a unit of service-oriented logic by the application
of service-orientation design principles. Service A is delivered within a service inventory that contains a
collection of services to which service-orientation principles were also applied. The result is that Service A
can participate initially in Composition X and, more importantly, can later be pulled into Composition Y and
additional service compositions as required.
126 Chapter 5: Understanding Layers with Services and Microservices
Figure 5.12 does not only illustrate the aggregation that services can participate in. All
distributed systems are comprised of aggregated software programs. What is funda-
mentally distinct about how service-orientation positions agnostic services is that they
are repeatedly composable, allowing for subsequent recomposition.
This is what lies at the core of realizing organizational agility as a primary goal of
adopting service-oriented computing. Ensuring that a set of services (within the scope
determined by the service inventory) is naturally interoperable and designed for partic-
ipation in complex service compositions enables us to fulfi ll new business requirements
and automate new business processes (Figure 5.13), by augmenting existing service com-
positions or creating new service compositions with reduced effort and expense. This
target state is what leads to the Reduced IT Burden goal of service-oriented computing.
Business
Process B
task service
layer
microservice
layer
entity service
layer
utility service
layer
Figure 5.13
The same entity and utility service layers from before, now available for
composition by a different set of non-agnostic service candidates in
support of the automation of a new business process.
5.3 Building Up the Service-Oriented Solution 127
Standardized
Service Contract
Service
Loose Coupling
Service supports
Discoverability
supports
supports
Service
Composability supports
Service
supports Abstraction
Service
Statelessness supports supports
Service
Service Reusability
Autonomy
Figure 5.14
A common objective of all service-orientation design principles is the shaping of services in support of increased
composability potential.
128
Functional Capability
Decomposition Composition
Service Capability
Encapsulation Recomposition
Entity Utility
Abstraction Abstraction
Figure 5.15
Subsequent to the decomposition of a business problem into units of service logic, we focus on
how these units can be assembled into service-oriented solutions.
5.3 Building Up the Service-Oriented Solution 129
Capability Composition
Candidate service capabilities are sequenced together in order to assemble the decom-
posed service logic into a specific service composition that is capable of solving a specific
larger problem (Figure 5.16). Much of the logic that determines which service capabili-
ties to invoke and in which order they are to be composed will usually reside within
the task service.
Beyond forming the basis for the basic aggregation of service functionality, this step
reinforces functional service boundaries by requiring a service that needs access to
logic outside of its context to access this logic via the composition of another service.
This requirement avoids redundancy of logic across services.
Figure 5.16
Although generally referred Service X
to as a service composition,
services that compose Capability A
each other actually do so
via their individual service
capabilities. 1 2
6
3
Service A Service B
Capability A Capability A
Capability B Capability B
5
4
Service C
Capability A
Capability B
130 Chapter 5: Understanding Layers with Services and Microservices
Let’s imagine that Service B in Figure 5.16 is a microservice and Service C is a utility
service being composed by the microservice. The logical view provided by Figure 5.16
would stay the same. However, the physical view of this composition architecture could
vary, depending on what technologies are utilized as part of the microservice imple-
mentation environment. For example, Figure 5.17 shows how both the microservice and
utility service could be rolled out in the same deployment bundle and placed onto a
dedicated virtual server. Figure 5.18 takes this a step further by physically grouping
the services together with system fi les and libraries within a container. In either archi-
tecture, that same utility service may be in use in various other capacities, within this
and other solutions, but it is specifically redundantly deployed in support of the one
microservice.
Note that Figures 5.17 and 5.18 depict architectures that are commonly associated with
microservice implementations. Deployment bundles and containerization technology
can also be used for services based on other service models or for entire solutions that
are not service-oriented. Due to the typical requirement of a microservice to support
specialized processing or deployment requirements, there is usually a greater need for
dedicated underlying hosting environments and resources.
5.3 Building Up the Service-Oriented Solution 131
Figure 5.17
The microservice and a redundant task
service
implementation of the utility service
it is composing are grouped in
the same deployment bundle and
located on a dedicated virtual server.
This increases the autonomy of the
microservice, which it may need
entity
to fulfill its specialized processing service
requirements. micro
service
utility
service
Figure 5.18
The microservice and the redundant task
service
implementation of the utility service
are positioned within a container that
also includes system components and
libraries. This is an example of how
containerization technology can be
used to further increase the autonomy
entity
and mobility of services. The extent to service
which autonomy is increased depends micro
service
on the extent to which redundant
implementations of external resources
the service may need to call are
included in the container.
utility system components
service and libraries
container
132 Chapter 5: Understanding Layers with Services and Microservices
• The microservice in the preceding scenarios may compose the utility service to
access an underlying resource or it may disregard the Service Loose Coupling
principle and access the underlying resource directly.
• Multiple deployment bundles can be located on the same virtual server, as long as
respective autonomy requirements can be fulfi lled.
• In Figure 5.18, the container is located on a physical server, but it can also be
located on a virtual server.
Although microservice architecture and related technologies are not covered in this
book, summary profiles of the Microservice Deployment [349] and Containerization
[333] patterns are provided in Appendix C and are recommended reading. These and
other related patterns can also be accessed in the Service Implementation Patterns cat-
egory at www.soapatterrns.org.
Capability Recomposition
As previously mentioned, the recomposition of services is a fundamental and distinc-
tive goal of service-oriented computing. This step specifically addresses the recurring
involvement of a service via the repeated composition of a service capability. The rela-
tionship diagram shown in Figure 5.19 highlights how the preceding steps that have
been described all essentially lead to opportunities for service capability recomposition.
5.3 Building Up the Service-Oriented Solution 133
Non-Agnostic Agnostic
Context Capability
positions
establishes functional
effective composition
points of contact
controller services
in preparation for
responsible for
Capability
Recomposition
Figure 5.19
The repeated composability of services is core to service-orientation.
SOA PATTERNS
The steps explored in this chapter correspond to SOA patterns of the same names:
Combining these patterns into sequences can form the basis of primitive model-
ing processes.
The less functional overlap that is allowed in a service inventory, the less redundant
logic exists, and the more normalized the service inventory becomes. Logic centraliza-
tion is a technique that supports service normalization by centralizing logic in the form
of single, normalized services (Figure 5.20).
Figure 5.20
A service inventory comprised of
services with published physical
contracts. Each service has a distinct
functional boundary, complementary to
others and, ideally, without overlap.
5.3 Building Up the Service-Oriented Solution 135
SOA PATTERNS
When applying Service Normalization [361] in support of Web services, the ser-
vices are collectively modeled before their individual physical contracts (WSDL
and XML Schema definitions) are created. This provides the opportunity for each
Web service boundary to be planned out to ensure that it does not overlap with
other services.
Service-Oriented Analysis
and Design
Chapter 6: Analysis and Modeling with Web Services
and Microservices
Chapter 7: Analysis and Modeling with REST Services
and Microservices
Chapter 8: Service API and Contract Design with Web Services
Chapter 9: Service API and Contract Design with
REST Services and Microservices
Chapter 10: Service API and Contract Versioning with
Web Services and REST Services
This page intentionally left blank
Chapter 6
Figure 6.1
A sample service modeling process for Web services.
6.1 Web Service Modeling Process 141
Discrepancies arise when employee timesheet entries do not match the hours billed
on customer invoices. To address this problem and streamline the overall process,
TLS decides to integrate its third-party time tracking system with its large, distrib-
uted accounting solution.
yes
Transform
PO
Import Send
PO Notification
Send PO
to Queue
1. Receive Timesheet
2. Verify Timesheet
Although it only consists of four steps at this point, there is more to this business
process. The details are revealed as the TLS team decomposes the process logic. They
begin with the Receive Timesheet step, which is split into two smaller steps:
The Verify Timesheet step is actually a subprocess in its own right and can therefore
be broken down into the following more granular steps:
2b. Confirm That Authorization Was Given for Any Recorded Overtime Hours
2c. Confirm That Hours Recorded for Any Particular Project Do Not Exceed a
Pre-Defined Limit for That Project
2d. Confirm That Total Hours Recorded for One Week Do Not Exceed a
Pre-Defined Maximum for That Worker
Upon subsequent analysis, TLS further discovers that the Reject Timesheet Submission
process step can be decomposed into the following granular steps:
4a. Update the Worker’s Profile Record to Keep Track of Rejected Timesheets
• Receive Timesheet
Compare
• Compare Hours Recorded on Timesheet to Billed Hours
Submission yes
Finally, TLS further simplifies the business process logic into the following set of
granular actions:
• Receive Timesheet
• Get Authorization
• Confirm Authorization
performed by existing legacy logic for which service candidate encapsulation is not an
option. By filtering out these parts, we are left with the processing steps most relevant
to our service modeling process.
After reviewing each of the business process steps, those that either cannot or do
not belong in a service-oriented solution are removed. The following list revisits the
decomposed actions. The first action is crossed out because it is performed manually
by an accounting clerk.
• Receive Timesheet
• Initiate Timesheet Submission
• Get Authorization
• Confirm Authorization
It is important that you do not concern yourself with how many steps belong to each
group. The primary purpose of this exercise is to establish the required set of contexts.
Equipping entity service candidates with additional capability candidates that facili-
tate future reuse is also encouraged. Therefore, the scope of this step can be expanded
to include an analysis of additional service capability candidates not required by the
current business process, but added to round out entity services with a complete set of
reusable operations.
TLS business analysts support the service modeling effort by producing an entity
model relevant to the Timesheet Submission business process logic (Figure 6.4).
Figure 6.4
A TLS entity model displaying business Employee Timesheet
entities pertinent to the Timesheet
Submission business process. E-mail Address 1 *
Employee
Weekly Hours Limit Date
1 * Recorded Hours
Overtime Hours
Authorization ID
Customer
Employee Customer
Comment 1 Hours Billed
* Billing Period
6.1 Web Service Modeling Process 147
The TLS team studies this model, along with the list of granular service capability
candidates identified during the previous analysis step. They subsequently identify
the service capability candidates considered agnostic. All those classified as non-
agnostic are bolded, as follows:
• Get Authorization
• Confirm Authorization
First, the Timesheet entity is reviewed. It is decided that this entity warrants a cor-
responding entity service candidate simply called “Timesheet.” Upon analysis of its
attributes, TLS further determines that the following service capability candidates
should be grouped with the entity service candidate:
• Get Authorization
148 Chapter 6: Analysis and Modeling with Web Services and Microservices
business analysts point out that other processes will Get Authorization
other, it is decided that they can be jointly represented by Get Weekly Hours
a single entity service candidate called “Employee.” Two Limit
As a result, the remaining two actions are put aside for now until utility services are
defined, later in this process:
Note that not all non-agnostic actions necessarily become service capability candidates.
Many process-specific actions represent decision logic and other forms of processing
that are executed within the service logic.
NOTE
There may be sufficient information about the identified non-agnostic logic to determine
whether any part of this logic may be suitable for encapsulation by one or more microser-
vices. In this case, microservice candidates can be defined as part of this step together with
task service candidates. However, it is recommended that you wait until Step 9 to formally
define the necessary microservice(s) for this solution because upcoming service modeling
steps can identify additional non-agnostic logic and can further assist with the definition of
solution implementation and processing requirements.
The following actions are considered non-agnostic because they are specific to the
Timesheet Submission business process:
• Confirm Authorization
Timesheet
• If Authorization Confi rmation Fails, Reject Submission
NOTE
The application of the Service Autonomy (297) principle in particular may raise consid-
erations that could introduce the need for some of the identified logic to be encapsulated
within microservices. In this case, microservice candidates can be defined as part of this
step and will be subject to further review during Step 9, when microservices are formally
defined.
6.1 Web Service Modeling Process 151
• Demonstrates the potential relationship between task and entity service layers
Ensure that, as part of your chosen scenarios, you include failure conditions that involve
exception handling logic. Note also that any service layers you establish at this point are
still preliminary and still subject to revisions during the design process.
As a result of mapping different service activities within the boundaries of this ser-
vice composition candidate, TLS feels confident that no further non-agnostic process
logic is missing from what it has identified so far.
Figure 6.9
A look at the service composition
candidate hierarchy that is formed as Timesheet
various service interaction scenarios Submission
are explored during this stage.
This and the upcoming steps ask us to identify and dissect the underlying process-
ing and implementation requirements of service candidates. We do this to abstract any
further technology-centric service logic that may warrant the introduction of microser-
vices or that may add to the utility service layer. To accomplish this, each processing
step identified so far is required to undergo a mini-analysis.
• What resources external to the service boundary the processing logic may need
to access—for example, shared databases, repositories, directories, legacy
systems, etc.
• Whether any of the identified processing logic has specialized or critical perfor-
mance and/or reliability requirements.
• Whether the identified processing logic has any specialized or critical implemen-
tation and/or environmental requirements.
Note that any information gathered during Step 2 of the parent service-oriented analy-
sis process covered in Chapter 4 will be referenced at this point.
Upon assessing the processing requirements for the identified service candidates
and the overall business process logic, the TLS team can confirm that the Send Mes-
sage to Employee and Send Message to Manager actions will need to be encapsulated
as part of a utility service layer. Based on the information available about the known
processing requirements and the eventual service implementation environment,
they cannot identify any further utility-centric logic.
6.1 Web Service Modeling Process 153
During the review of the non-agnostic process logic that is currently within the scope
of the Timesheet Submission task service, architects realize that a discrepancy exists
in processing requirements. In particular, the Confirm Authorization action encom-
passes logic that is required to access a proprietary clearance repository. This inter-
action has significantly greater SLA requirements than the rest of the non-agnostic
process logic in relation to performance and failover.
Keeping this logic grouped with the other logic that is part of the Timesheet Submis-
sion task service could risk this logic not executing as per its required metrics. There-
fore, it is suggested that it be separated into one or more microservice candidates that
would eventually benefit from the type of highly autonomous implementation that
could guarantee the required performance and failover demands.
Group these processing steps according to a pre-defi ned context. With utility service
candidates, the primary context is a logical relationship between capability candidates.
This relationship can be based on any number of factors, including:
Various other issues are factored in after service candidates are subjected to the service-
oriented design process. For now, this grouping establishes a preliminary utility service
layer.
154 Chapter 6: Analysis and Modeling with Web Services and Microservices
NOTE
Modeling utility service candidates is notoriously more difficult than entity service can-
didates. Unlike entity services where we base functional contexts and boundaries upon
already-documented enterprise business models and specifications (such as taxonomies,
ontologies, entity relationships, and so on), there are usually no such models for application
logic. Therefore, it is common for the functional scope and context of utility service candi-
dates to be continually revised during iterations of the service inventory analysis cycle.
It is important to note that, due to their specialized implementation needs, the use of
SOAP-based Web services may not be suitable for microservices, even when they are
identified as part of a Web services-centric service modeling process. SOA architects are
given the option to build microservices using alternative implementation technologies,
which may introduce disparate or proprietary communication protocols.
SOA PATTERNS
Figure 6.11
The Confirm Authorization service
candidate.
With the introduction of the Notification utility service and the Verify Timesheet
microservice, the complexion of the Timesheet Submission composition hierarchy
changes noticeably, as illustrated in Figure 6.12.
task
Timesheet service
Submission layer
Confirm
micro
Authorization
service
layer
entity
Employee Timesheet Invoice service
layer
utility
Notification service
layer
Figure 6.12
The revised service composition candidate incorporating the new utility service and microservice.
6.1 Web Service Modeling Process 157
NOTE
This process description assumes that this is the first iteration through the service modeling
process. During subsequent iterations, additional steps need to be incorporated to check for
the existence of relevant service candidates and service capability candidates.
This page intentionally left blank
Chapter 7
The REST service modeling process shown in Figure 7.1 provides a generic set of steps
and considerations tailored for modeling REST services. This chapter describes each
process step and is further supplemented with case study examples.
7.1 REST Service Modeling Process 161
Figure 7.1
A sample service modeling process for REST services.
162 Chapter 7: Analysis and Modeling with REST Services and Microservices
Existing MUA charter agreements with partner schools explicitly refer to the need to
acknowledge individual academic achievements. This makes the correct conferral of
awards important to the reputation of MUA and its elite students.
MUA assembles a service modeling team comprised of SOA architects, SOA analysts,
and business analysts. The team begins with a REST service modeling process for the
Student Achievement Award Conferral business process. As detailed in Figure 7.2,
this business process logic represents the procedures followed for the assessment,
conference, and rejection of individual achievement award applications submitted
by students. An application that is approved results in the conferral of the achieve-
ment award and a notification of the conferral to the student. An application that is
rejected results in a notification of the rejection to the student.
7.1 REST Service Modeling Process 163
Start
Student Submits
Application for Award
is event no
valid?
yes
does transcript
no Verify
qualify based
on award rules? Rejection
yes
Send Rejection
Notice
Verify
Acceptance
Send Acceptance
Notice
Confer Award
Update Awards
History
Update Student
Transcript
Stop
Figure 7.2
The Student Award Conferral business process.
164 Chapter 7: Analysis and Modeling with REST Services and Microservices
The original Student Award Conferral business process is broken down into the fol-
lowing granular actions:
• Verify Student Transcript Qualifies for Award Based on Award Conferral Rules
• Confer Award
• Verify Student Transcript Qualifies for Award Based on Award Conferral Rules
• Confer Award
We then determine how these service capability candidates should be grouped to form
the basis of functional service boundaries.
• Which service capability candidates defined so far are closely related to each other?
• What types of functional service contexts are suitable, given the overarching busi-
ness context of the service inventory?
The first consideration on the list requires us to group capability candidates based on
common functional contexts. The second item pertains to the organization of service
candidates within logical service layers based on service models. Due to the business-
centric level of documentation that typically goes into the authoring of business process
models and specifications and associated workflows, the emphasis during this step will
naturally be more on the definition of entity service candidates. The upcoming Define
Utility Service Candidates step is dedicated to developing the utility service layer.
The third item on the preceding list of factors relates to how we may choose to establish
functional service boundaries not only in relation to the current business process we
are decomposing, but also in relation to the overall nature of the service inventory. This
broader consideration helps us determine whether there are generic functional contexts
we can define that will be useful for the automation of multiple business processes.
SOA PATTERNS
Both the previously referenced Logic Centralization [348] and Service Normal-
ization [361] patterns play a key role during this step to ensure we keep agnostic
service candidates aligned to each other, without allowing functional overlap.
7.1 REST Service Modeling Process 167
By analyzing the remaining actions from Step 2, the MUA service modeling team
identifies and categorizes those actions considered agnostic. Those that are classified
as non-agnostic are in bold:
Furthermore, based on the award conferral policies, this service capability is required
to issue a conferral notification and forward the award conferral record information
to be printed in hard copy format. This relates to the following three actions:
The MUA team considers including this logic within the Award entity service, but
then decides that the Confer service capability will instead invoke corresponding
utility services to perform these functions automatically, upon each conferral.
The Update History capability will issue a further update of student and event
details within a separate part of the internal Awards database. It is deemed necessary
to keep the capabilities separate because the Update History capability can be used
independently and for different purposes than the Confer capability.
7.1 REST Service Modeling Process 169
The following actions are considered non-agnostic because they are specific to the
Student Award Conferral business process:
Note that resources identified at this stage can be expressed using the forward slash
as a delimiter. This is not intended to result in URL-compliant statements; rather, it is
7.1 REST Service Modeling Process 171
a means by which to recognize the parts of service capability candidates that pertain
to resources. Similarly, modeled resources are intentionally represented in a simplified
form. Later, in the service-oriented design stage, the syntactically correct resource iden-
tifier statements are used to represent resources, including any necessary partitioning
into multi-part URL statements (as per resource identifier syntax standards being used).
• /Process/
• /Application/
• /Event/
• /Award/
• /Student Transcript/
• /Notice Sender/
• /Printer/
Before proceeding, the MUA service modeling team decides to further qualify the
/Process/ and /Application/ resource candidates to better associate them with the
nature of the overarching business processing logic, as follows:
• /Conferral Application/
These qualifiers help distinguish similar resources that may exist as other forms of
applications or rules.
Because the service modeling process has, so far, already produced a set of entity
services, each of which represents a business entity, it is further decided to establish
some preliminary mapping between identified resources and entities, as shown in
Table 7.1.
172 Chapter 7: Analysis and Modeling with REST Services and Microservices
Entity Resource
Event /Event/
Award /Award/
Table 7.1
Mapping business entities to resources.
The bolded resources in the preceding list are put aside for when utility services will
be modeled, later in this process. Additional resources are not mapped because they
do not currently relate to known business entities. They may end up being mapped
during future iterations of the service modeling process.
We continue to use the same service candidate and service capability candidate nota-
tion, but we append service capability candidates with their associated method plus
resource combinations. This allows for a descriptive and flexible expression of a pre-
liminary service contract that can be further changed and refined during subsequent
iterations of the service-oriented analysis process.
NOTE
At this stage it is common to associate actions with regular HTTP methods, as defined via
uniform contract modeling efforts. Complex methods can be comprised of pre-defined sets
and/or sequences of regular method invocations. If complex methods are defined at the
service modeling stage, then they can also be associated as appropriate.
7.1 REST Service Modeling Process 173
Figure 7.9
The Award service candidate with
method and resource associations.
174 Chapter 7: Analysis and Modeling with REST Services and Microservices
ated with the GET method and the /Student Transcript/ Get Transcript
resource. The Update Transcript is appended with the (GET + /Student
Transcript/)
POST method together again with the /Student Tran- Update Transcript
script/ resource (Figure 7.10). (POST + /Student
Transcript/)
Figure 7.10
The Student service candidate with
method and resource associations.
When applying this step, the MUA service modeling team is faced with various prac-
tical concerns, based on what participating SOA architects can provide in terms of
knowledge of the implementation environment that the services will be deployed in.
For example, they identify that a given set of resources is related to data provided by
a large legacy system. This impacts functional service boundaries by the extent to
which the Service Autonomy (297) principle can be applied.
7.1 REST Service Modeling Process 175
It is also at this stage that we begin to take a closer look at data exchange requirements
(because for services to compose each other, they must exchange data). This may pro-
vide us with enough information to begin identifying required media types based on
what has already been defi ned for the uniform contract. Alternatively, we may deter-
mine the need for new media types that have not yet been modeled. In the latter case,
we may be gathering information that will act as input for the Model Uniform Contract
task that is part of the service inventory analysis cycle (as explained later in the Uniform
Contract Modeling and REST Service Inventory Modeling section).
NOTE
The depth of service compositions can particularly impact method definition. It is important
to pose questions about the possible failure scenarios that can occur during service compo-
sition execution.
The MUA service modeling team explores a set of service composition scenarios that
correspond to success and failure conditions that may arise when the Student Award
Conferral process is executed.
176 Chapter 7: Analysis and Modeling with REST Services and Microservices
Figure 7.11 illustrates the composition hierarchy of service candidates that is rela-
tively consistent across these scenarios. In each case, the Confer Student Award task
service invokes the Event, Award, and Student entity services. The Award entity ser-
vice further composes the Notification utility service to issue acceptance or rejection
notifications and, if the award is conferred, the Document utility service to print the
award record.
Confer task
Student service
layer
Award
entity
Event Award Student service
layer
Figure 7.11
A look at the service composition candidate hierarchy that is formed as various service interaction
scenarios are explored during this stage.
NOTE
This next series of steps is optional and more suited for complex business processes and
larger service inventory architectures. It requires that we more closely study the underlying
processing requirements of all service capability candidates in order to abstract further util-
ity service candidates.
• Does any required application logic span application boundaries? (In other words,
is more than one system required to complete the action?)
Note that information gathered during the Identify Automation Systems step of the
parent service-oriented analysis process will be referenced at this point.
The MUA team carefully studies the processing requirements of the logic that will
need to be encapsulated by the service candidates defi ned so far. They confirm that,
beyond the already-identified Send Rejection Notice, Send Acceptance Notice, and
Print Hard Copy of Award Conferral Record actions, there appear to be no further
utility-centric functions required. This then sets the stage for the upcoming Define
Utility Services (and Associate Resources and Methods) step during which these
actions, together with the previously identified utility-centric resources, will act as
the primary input for utility service candidate definition.
This raises concerns by business analysts who point out that there are policy-driven
requirements that need to be fulfilled by carrying out an immediate verification of
178 Chapter 7: Analysis and Modeling with REST Services and Microservices
student transcripts. Further, and more importantly, after a verification has occurred,
it is legally binding and cannot be reversed.
As a result, the MUA team classifies the Verify Student Transcript Qualifies for
Award Based on Award Conferral Rules action as having critical and specialized
processing requirements that cannot be met if it were to remain as part of the task
service implementation. They therefore determine that this logic needs to be moved
to a dedicated microservice.
Various other issues are considered after service candidates are subjected to the ser-
vice-oriented design process. For now, this grouping establishes a preliminary utility
service layer in which utility service candidate capabilities are further associated with
resources and methods. A primary input will be any utility-centric resources previ-
ously defined in Step 5.
NOTE
Modeling utility service candidates is notoriously more difficult than entity service can-
didates. Unlike entity services where we base functional contexts and boundaries upon
already-documented enterprise business models and specifications (such as taxonomies,
ontologies, entity relationships, etc.), there are usually no such models for application logic.
Therefore, it is common for the functional scope and context of utility service candidates to
be continually revised during iterations of the service inventory analysis cycle.
7.1 REST Service Modeling Process 179
The MUA team proceeds by digging up notes from prior process steps regarding
utility-centric actions that have been documented so far. Combined with the research
they collected from the Analyze Processing Requirements step, they proceed to
define the following two utility services.
actions are combined into one generic Send service capa- Send
bility candidate as part of a utility service called Noti-
fication (Figure 7.12). The Send capability will accept a
range of input values, enabling it to issue approval and
rejection notifications, among others.
Document
Print
(POST + /Printer/)
Figure 7.15
The Document service candidate with
method and resource association.
The Confer Student Award service composition expands with the introduction of the
Notification and Document utility services and the Verify Application microservice
(Figure 7.17).
Confer task
Student service
layer
Award
micro
Verify service
Application layer
entity
Event Award Student service
layer
utility
Notification Document service
layer
Figure 7.17
The revised service composition candidate incorporating new utility services and a microservice.
• Utility service capability candidates defined in Steps 9 and 10 may remove some
of the required actions that comprised entity service capability candidates defi ned
earlier, in Step 3.
• The introduction of new utility service candidates may affect (or assimilate) the
functional scopes of already-defined utility service candidates.
• The modeling of larger and potentially more complex service composition candi-
dates in Step 13 may lead to the need to reduce or increase the granularity of some
service capability candidates.
NOTE
As a result, subsequent execution of several of the modeling steps will require an extra
discovery task during which we determine what relevant service candidates, resources, and
uniform contract properties exist, prior to defining or proposing new ones.
Organizations that aim to build a single inventory of REST services will typically rely
on a single over-arching uniform contract to establish baseline communication stan-
dards. Those that proceed with a domain-based service inventory approach instead
will most likely need to define a separate uniform contract for each domain service
184 Chapter 7: Analysis and Modeling with REST Services and Microservices
The purpose of the service inventory analysis stage is to enable a project team to first
define the scope of a service inventory via the authoring of a service inventory blue-
print. This specification is populated by the repeated execution of the service inventory
analysis cycle. Once all iterations (or as many as are allowed) are completed, we have
a set of service candidates that have been (hopefully) well-defined, both individually
and in relation to each other. The subsequent step is to proceed with the design of the
respective service contracts.
When we know in advance that we will be delivering these services using REST, it
is beneficial to incorporate the modeling of the inventory’s uniform contract into the
modeling of the service inventory itself. This is because as we perform each service-
oriented analysis process and model and refi ne each service candidate and service
capability candidate, we gather more and more intelligence about the business automa-
tion requirements that are distinct to that service inventory. Some of this information
will be relevant to how we define the methods and media types of the uniform contract.
• Understanding the service models (entity, utility, task, etc.) in use by service
candidates can help determine which available methods should be supported.
• Understanding policies and rules that are required to regulate certain types of
interaction can help determine when certain methods should not be used, or help
define special features that may be required by some methods.
Define
Enterprise
Business
Models
Define
Service
Inventory
Blueprint
Figure 7.18
In the service inventory analysis cycle, uniform contract modeling can be included as an iterative task.
If combining the Model Uniform Contract task with the Defi ne Technology Architec-
ture step turns out to be an unsuitable grouping, then the Model Uniform Contract task
can be positioned as its own step within the cycle.
When we begin working on the uniform contract definition, one of the key decisions
will be to determine the sources to be used to populate its methods and media types. As
a general starting point, we can look to the HTTP specification for an initial set of meth-
ods and the IANA Media Type Registry for the initial media types. Further media types
and possibly further methods may come from a variety of internal and external sources.
186 Chapter 7: Analysis and Modeling with REST Services and Microservices
NOTE
It is also worth noting that methods and media types can be standardized independently of
a service inventory. For example, HTTP methods are defined by the IETF. A service inven-
tory that uses these methods will include a reference to the IETF specification as part of the
service inventory uniform contract definition. Media types may be specified on an ongoing
basis by external bodies, such as the W3C, the IETF, industry bodies across various supply
chains, or even within an IT enterprise.
Note that the asterisk symbol can be used in the top-right corner to indicate that a REST
service candidate is being modeled during this step that either:
• Incorporates methods and/or media types already modeled for the uniform
contract, or
• Introduces the need to add or augment methods and/or media types for the
uniform contract
NOTE
It is usually during the Model Uniform Contract task that a uniform contract profile is first
populated with preliminary characteristics and properties. This profile document is then
further refined as the uniform contract and is physically designed and maintained over time.
• Stateless {308} – From the data exchange requirements we are able to model
between service candidates, can we determine whether services will be able to
remain stateless between requests?
• Cache {310} – Are we able to identify any request messages with responses that can
be cached and returned for subsequent requests instead of needing to be pro-
cessed redundantly?
7.2 Additional Considerations 187
• Uniform Contract {311} – Can all methods and media types we are associating with
the uniform contract during this stage be genuinely reused by service candidates?
The extent to which concrete aspects of REST constraint application can be factored into
how we model the uniform contract will depend directly on:
• The extent to which the service inventory technology architecture is defi ned
during iterations of the service inventory analysis cycle, and
• The extent to which we learn about a given business process’s underlying automa-
tion requirements during Step 2 of the service-oriented analysis process
Much of this will be dependent on the amount of information we have and are able to
gather about the underlying infrastructure and overall ecosystem in which the inven-
tory of services will reside. For example, if we know in advance that we are deliver-
ing a set of services within an environment riddled with existing legacy systems and
middleware, we will be able to gain access to many information sources that will help
determine boundaries, limitations, and options when it comes to service and uniform
contract definition. On the other hand, if we are planning to build a brand-new envi-
ronment for our service inventory, there will usually be many more options for creating
and tuning the technology architecture in support of how the services (and the uniform
contract) can best fulfill business automation requirements.
SOA PATTERNS
When determining the scope of a service inventory and whether multiple service
inventories are allowed within an enterprise environment, the decision usually
comes down to whether the Enterprise Inventory [340] or the Domain Inventory
[338] pattern is applied.
188 Chapter 7: Analysis and Modeling with REST Services and Microservices
Defining conceptual service candidates using this level of action granularity is common
with mainstream service modeling approaches. It has proven sufficient for SOAP-based
Web services because service capabilities that need to support variations of function-
ality can still be effectively mapped to WSDL-based operations capable of handling a
range of input and output parameters.
With REST service contracts, service capabilities are required to incorporate methods
(and media types) defined by an overarching uniform contract. As already discussed
in the preceding section, the uniform contract for a given service inventory can be mod-
eled alongside and in collaboration with the modeling of service candidates, as long as
we know in advance that REST will act as the primary service implementation medium.
Whereas a WSDL-based service contract can incorporate custom parameter lists and
other service-specific features, REST puts an upper bound on the granularity of mes-
sage exchanges at the level of the most complex or most general purpose method and
media type. This may, in some cases, lead to the need to define finer-grained service
capabilities.
Figure 7.19
A REST service candidate can be modeled Invoice Invoice
specifically to incorporate uniform contract
characteristics. The Update Invoice service Get Invoice GET /invoice/
{invoice-id}
capability candidate is split into two Add Invoice
variations of the PUT /invoice/ service Update Invoice POST /invoice
capability: one that updates the invoice state PUT /invoice/
{invoice-id}/state
value, and another that updates the invoice
PUT /invoice/
customer value.
{invoice-id}/customer
7.2 Additional Considerations 189
What we are also interested in establishing during the service-oriented analysis stage
is the encapsulation of entity logic. As with resources, entities also often represent
“things” that need to be accessed and processed by service consumers.
What then is the difference between a resource and an entity? To understand REST
service modeling, we need to clearly understand this distinction:
• Entities are business-centric and are derived from enterprise business models,
such as entity relationship diagrams, logical data models, and ontologies.
• Some entities are more coarse-grained than others. Some entities can encapsulate
others. For example, an invoice entity may encapsulate an invoice detail entity.
• Resources can also vary in granularity, but are often fine-grained. It is less com-
mon to have formally defined coarse-grained resources that encapsulate fi ne-
grained resources.
• All entities can relate to or be based on resources. Not all resources can be associ-
ated with entities because some resources are non-business-centric.
A fter conceptual service candidates have been modeled and sufficiently refined, we
reach the service-oriented design stage where we can begin designing physical
service contracts based on the results of the preceding service-oriented analysis process.
When building SOAP-based Web services, this stage requires us to apply several con-
tract-related service-orientation principles that help shape the design of the API as part
of each service contract in a consistent and standardized manner prior to the design of
the corresponding service logic.
Specifically, the following benefits can be attained via a contract-first approach with
Web services:
• Web service contracts can be designed to accurately represent the context and
function of their corresponding service candidates.
• Service consumers are required to conform to the expression of the service con-
tract, not vice versa.
We generally begin a Web service contract design with a formal definition of the mes-
sages the service is required to process. To accomplish this we need to formalize the
message structures that are defined within the WSDL types area. SOAP messages carry
payload data within the Body section of the SOAP envelope and this data needs to be
organized and typed. For this we normally rely on XML schemas.
Note that during the service-oriented analysis process it may have been determined that
one or more service candidates are more suitable for implementation via REST instead
of the SOAP-based Web services technology set. This may be the case if microservices
were identified, or other services that have processing requirements better fulfilled via
REST. For those service candidates, the service-oriented design guidelines covered in
Chapter 9 are applied.
SOA PATTERNS
in relation to other service layers, it is beneficial to design entity services prior to others.
This establishes an abstract service layer around which process and underlying applica-
tion logic can be positioned.
The Service Reusability (295) and Service Autonomy (297) principles are somewhat
naturally part of the entity design model in that the operations exposed by entity ser-
vices are intended to be inherently generic and reusable (and
because the use of the import statement is encouraged to Purchase Order
SOA PATTERNS
Due to the fact that entity services naturally process key business documents, the
use of standardized XML schemas becomes a paramount design concern. This
greatly emphasizes the need to enforce the application of the Canonical Schema
[326] and Schema Centralization [356] patterns to all entity services within a ser-
vice inventory.
Unlike services in entity layers, the design of utility services does not require business
analysis expertise. Utility Web services are generally an abstraction of portions of an
organization’s legacy environment, best defined by those who understand these envi-
ronments the most.
8.1 Service Model Design Considerations 195
The type of processing logic that resides in utility services can be similar to the type of
logic placed in microservices. Both of these services commonly perform utility-centric
processing. However, because utility services are agnostic, the
Service Reusability (295) principle is a constant influence in Transform
how the service capabilities are designed, requiring the API to
ForAccounting
be as generic and flexible as possible. This consideration fur- Import
ther carries over to determining the appropriate granularity of ForAccounting
a given operation. Export
SOA PATTERNS
Utility services are more likely to warrant support for alternative communication
protocols, which makes the application of the Dual Protocols [339], Concurrent
Contracts [332], and Service Façade [360] patterns more likely than with entity
services. Another pattern commonly applied during the utility service contract
design stage is Legacy Wrapper [347] for utility services dedicated to encapsulat-
ing legacy APIs.
In IT enterprises that have applied Domain Inventory [338], there is also the appli-
cation of the Cross-Domain Utility Layer [336] pattern that can be considered, in
order to leverage reuse opportunities.
196 Chapter 8: Service API and Contract Design with Web Services
Microservice Design
Although building a microservice as a SOAP-based Web service is possible, it is not
a common approach. The processing overhead associated with SOAP messaging and
the multilayered technology stack of Web service and WS-* environments can impose
latency and other performance-related challenges that oppose the typical high-
performance design goals of microservices.
This book therefore primarily covers the service contract design of REST-based
microservices, as explained further in Chapter 9. If you are considering building
microservices using Web service technologies, many of the guidelines raised in Chap-
ter 9 will still apply.
SOA PATTERNS
Visit the Microservice Design section in Chapter 9 for a list of patterns that may be
applicable to microservice contracts and implementations.
Different modeling approaches can be used to accomplish this step, such as the use
of sequence diagrams (Figures 8.3 and 8.4). The purpose of this exercise is to docu-
ment each possible execution path, including all exception conditions. The resulting
diagrams also will be useful input for subsequent test cases.
8.1 Service Model Design Considerations 197
Issue
Invoice
Transform
Invoice
Transform
Succeeded
Check TLS
Metadata
Metadata
Check Successful
Figure 8.3
A successful completion of sample workflow logic carried out by a task service.
Issue
Invoice
Transform
Invoice
Transform
Failed
Figure 8.4
A failure condition caused by an error during the processing of sample workflow logic by a task service. In this case, one of its
composed services returns an error that terminates the execution of the business process.
198 Chapter 8: Service API and Contract Design with Web Services
The workflow logic that task services can contain will fre- Invoice
quently impose processing dependencies in service com- Processing
positions. This can lead to the need for state management. Submit
However, the use of document-style SOAP messages may
allow the task service to delegate the persistence of some or all
of this state information to the message itself.
SOA PATTERNS
The workflow logic encapsulated by orchestrated task services may require the
need to incorporate atomic transactions or orchestration and compensation type
functionality, which corresponds to the use of the Atomic Service Transaction
[324] and Compensating Service Transaction [330] patterns, respectively.
Several patterns exist to enable state management and support the application
of the Service Statelessness (298) principle, including State Repository [363] and
Partial State Deferral [352]. Furthermore, the State Messaging [362] pattern for-
malizes the aforementioned deferral of state information to the messaging layer,
as enabled by SOAP messages.
The service modeling exercise performed by TLS produced a number of Web service
candidates in support of its new Timesheet Submission solution. The contract design
of the Employee service is explored in this case study example. Figure 8.6 shows the
original service candidate modeled in Chapter 6.
8.1 Service Model Design Considerations 199
At first, this appears to make this step rather simple. However, upon closer study, it
is discovered that the existing XML schema is very large and complex. After some
discussion, TLS architects decide that they will not use the existing schema with this
service at this point. Instead, they opt to derive a lightweight (but still fully compli-
ant) version of the schema to accommodate the simple processing requirements of
the Employee service.
They begin by identifying the kinds of data that will need to be exchanged to fulfill
the processing requirements of the Get Weekly Hours Limit capability candidate.
They end up defining two complex types:
• One containing the search criteria required for the request message received by
the Employee service
The types are deliberately named so that they are associated with the respective mes-
sages. These two types then constitute the new Employee.xsd schema file, as shown
in Example 8.1.
<xml:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema"
targetNamespace=
"http://www.example.org/tls/employee/schema/accounting/">
<xml:element name="EmployeeHoursRequestType">
<xml:complexType>
<xml:sequence>
200 Chapter 8: Service API and Contract Design with Web Services
Example 8.1
The Employee schema providing complexType constructs used to establish the data representation anticipated for the
Get Weekly Hours Limit capability candidate.
However, just as the architects attempt to derive the types required for the Update
Employee History capability candidate, another problem presents itself. They dis-
cover that the schema from which they derived the Employee.xsd file does not rep-
resent the EmployeeHistory entity, which this service candidate also encapsulates.
Another visit to the accounting schema archive reveals that employee history infor-
mation is not governed by the accounting solution. It is, instead, part of the HR envi-
ronment, for which no schemas have been created.
<xml:element name="EmployeeUpdateHistoryResponseType">
<xml:complexType>
<xml:sequence>
<xml:element name="ResponseCode"
type="xml:byte"/>
</xml:sequence>
</xml:complexType>
</xml:element>
</xml:schema>
Example 8.2
The EmployeeHistory schema, with a different targetNamespace to identify its distinct origin.
accounting
HR system
system
Employee Employee
schema History
schema
Employee
WSDL
Figure 8.7
Two schemas originating from two different data sources.
To promote reusability and to allow for each schema file to be maintained sepa-
rately from the WSDL definition, the XML Schema import statement is used to
pull the contents of both schemas into the Employee service WSDL types construct
(Example 8.3).
<types>
<xml:schema targetNamespace=
"http://www.example.org/tls/employee/schema/">
<xml:import namespace=
"http://www.example.org/tls/employee/schema/accounting/"
schemaLocation="Employee.xsd"/>
202 Chapter 8: Service API and Contract Design with Web Services
<xml:import namespace=
"http://www.example.org/tls/employee/schema/hr/"
schemaLocation="EmployeeHistory.xsd"/>
</xml:schema>
</types>
Example 8.3
The WSDL types construct being populated by imported schemas.
Next, TLS architects follow these steps to define an initial service contract:
1. They confirm that each capability candidate is suitably generic and reusable by
ensuring that the granularity of the logic encapsulated is appropriate. They then
study the data structures defined earlier and establish a set of operation names.
They subsequently proceed to defi ne the remaining parts of the abstract definition,
namely the message and portType constructs, as shown in Example 8.4.
<message name="getEmployeeWeeklyHoursRequestMessage">
<part name="RequestParameter"
element="act:EmployeeHoursRequestType"/>
</message>
<message name="getEmployeeWeeklyHoursResponseMessage">
<part name="ResponseParameter"
element="act:EmployeeHoursResponseType"/>
</message>
8.1 Service Model Design Considerations 203
<message name="updateEmployeeHistoryRequestMessage">
<part name="RequestParameter"
element="hr:EmployeeUpdateHistoryRequestType"/>
</message>
<message name="updateEmployeeHistoryResponseMessage">
<part name="ResponseParameter"
element="hr:EmployeeUpdateHistoryResponseType"/>
</message>
<portType name="EmployeeInterface">
<operation name="GetEmployeeWeeklyHoursLimit">
<input message=
"tns:getEmployeeWeeklyHoursRequestMessage"/>
<output message=
"tns:getEmployeeWeeklyHoursResponseMessage"/>
</operation>
<operation name="UpdateEmployeeHistory">
<input message=
"tns:updateEmployeeHistoryRequestMessage"/>
<output message=
"tns:updateEmployeeHistoryResponseMessage"/>
</operation>
</portType>
Example 8.4
The message and portType parts of the Employee service definition that implement the abstract definition details of
the two service operations.
NOTE
TLS has standardized on the WSDL 1.1 specification because it is conforming to the
requirements dictated by version 1.1 of the WS-I Basic Profile and because none of its
application platforms support a newer WSDL version. WSDL 1.1 uses the portType
element instead of the interface element, which is provided by WSDL 2.0.
Upon a review of the initial abstract service interface, it is determined that a minor
revision can be incorporated to better support fundamental service-orientation. Spe-
cifically, meta-information is added to the WSDL definition to better describe the
purpose and function of each of the two operations and their associated messages
(Example 8.5).
204 Chapter 8: Service API and Contract Design with Web Services
<portType name="EmployeeInterface">
<documentation>
GetEmployeeWeeklyHoursLimit uses the Employee
ID value to retrieve the WeeklyHoursLimit value.
UpdateEmployeeHistory uses the Employee ID value
to update the Comment value of the EmployeeHistory.
</documentation>
<operation name="GetEmployeeWeeklyHoursLimit">
<input message=
"tns:getEmployeeWeeklyHoursRequestMessage"/>
<output message=
"tns:getEmployeeWeeklyHoursResponseMessage"/>
</operation>
<operation name="UpdateEmployeeHistory">
<input message=
"tns:updateEmployeeHistoryRequestMessage"/>
<output message=
"tns:updateEmployeeHistoryResponseMessage"/>
</operation>
</portType>
Example 8.5
The service contract, supplemented with additional metadata documentation.
Figure 8.9
The revised Employee service
operation names.
8.1 Service Model Design Considerations 205
<operation name="GetWeeklyHoursLimit">
<input message="tns:getWeeklyHoursRequestMessage"/>
<output message="tns:getWeeklyHoursResponseMessage"/>
</operation>
<operation name="UpdateHistory">
<input message="tns:updateHistoryRequestMessage"/>
<output message="tns:updateHistoryResponseMessage"/>
</operation>
Example 8.6
The two operation constructs with new, standardized names.
Let’s take another look at the two operations that have been designed into the
Employee service:
• GetWeeklyHoursLimit
• UpdateHistory
The first requires access to the employee profile. At TLS, employee information is
stored in two locations:
• Payroll data is kept within the accounting system repository, along with addi-
tional employee contact information.
It is discovered that although the schema accurately expresses a logical data entity,
it represents a document structure derived from two different physical repositories.
Subsequent analysis reveals that the weekly hours limit value is stored in the account-
ing database. The processing requirement for the GetWeeklyHoursLimit operation is
then written up as follows:
206 Chapter 8: Service API and Contract Design with Web Services
Utility service-level function capable of issuing the following query against the accounting
database: Return Employee’s Weekly Hour Limit Using the Employee ID as the Only Search
Criteria
Next, the details behind the UpdateHistory operation are studied. This time it’s a bit
easier, as the EmployeeHistory.xsd schema is associated with a single data source—
the HR employee profile repository. Looking back at the original analysis documenta-
tion, the architect identifies the one piece of information that this particular solution
will need to update within this repository. Therefore, the processing requirement
definition goes beyond the immediate requirements of the solution, as follows:
Utility service-level function capable of issuing an update to the “comment” column of the
employee history table in the HR employee profile database, using the employee ID value as
the sole criteria.
At first glance, it looks like the Timesheet Submission solution may require new util-
ity services to facilitate Employee service processing requirements, as illustrated in
the expanded composition shown in Figure 8.10. These newly identified requirements
will need to be subjected to the service modeling process described in Chapter 6.
Timesheet
Submission
Confirm
Authorization
? ? Notification
Figure 8.10
The revised composition hierarchy identifying new potential utility services.
8.1 Service Model Design Considerations 207
It is eventually revealed that only one new utility service is required to accommodate
the Employee service—a Human Resources wrapper service that also can facilitate
the Timesheet service. Example 8.7 contains the fi nal version of the Employee service
definition, incorporating the changes to element names and the previous revisions.
<definitions name="Employee"
targetNamespace="http://www.example.org/tls/employee/wsdl/"
xmlns="http://schemas.xmlsoap.org/wsdl/"
xmlns:act=
"http://www.example.org/tls/employee/schema/accounting/"
xmlns:hr="http://www.example.org/tls/employee/schema/hr/"
xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
xmlns:tns="http://www.example.org/tls/employee/wsdl/"
xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<types>
<xml:schema targetNamespace=
"http://www.example.org/tls/employee/schema/">
<xml:import namespace=
"http://www.example.org/tls/employee/schema/
accounting/"
schemaLocation="Employee.xsd"/>
<xml:import namespace=
"http://www.example.org/tls/employee/schema/hr/"
schemaLocation="EmployeeHistory.xsd"/>
</xml:schema>
</types>
<message name="getWeeklyHoursRequestMessage">
<part name="RequestParameter"
element="act:EmployeeHoursRequestType"/>
</message>
<message name="getWeeklyHoursResponseMessage">
<part name="ResponseParameter"
element="act:EmployeeHoursResponseType"/>
</message>
<message name="updateHistoryRequestMessage">
<part name="RequestParameter"
element="hr:EmployeeUpdateHistoryRequestType"/>
</message>
<message name="updateHistoryResponseMessage">
<part name="ResponseParameter"
element="hr:EmployeeUpdateHistoryResponseType"/>
</message>
<portType name="EmployeeInterface">
<documentation>
208 Chapter 8: Service API and Contract Design with Web Services
Example 8.7
The final abstract service definition for the Employee service contract. The next step for this service will be to proceed
with its concrete service definition and its service logic.
• Entity services need to remain representative of the entity models from which
their corresponding service candidates were derived. Therefore, the naming
conventions used must reflect those established in the organization’s original
entity models. Typically, this type of service uses the noun-only naming structure.
Examples of suitable entity service names are Invoice, Customer, and Employee.
• Service operations for entity services should be verb-based and should not repeat
the entity name. For example, an entity service called Invoice should not have an
operation named AddInvoice.
• Utility service operations need to clearly communicate the nature of their indi-
vidual functionality. Examples of suitable utility service operation names are
GetReport, ConvertCurrency, and VerifyData.
• While microservices are not always subjected to the same design standards as
agnostic services, it is still recommended that the conventions for service and
operation names be applied consistently to whatever extent possible.
Whatever naming standards are chosen, the key is that they must be consistently
applied throughout all services within a given service inventory.
SOA PATTERNS
The Canonical Expression [325] pattern formalizes the use of naming conventions
for standardization purposes.
210 Chapter 8: Service API and Contract Design with Web Services
• Service Granularity – This represents the functional scope of a service. For example,
fine-grained service granularity indicates that there is a small quantity of logic
associated with the service’s overall functional context.
• Data Granularity – This granularity level represents the quantity of data processed.
For example, a fine level of data granularity is equivalent to a small amount of data.
Because the level of service granularity determines the functional scope of a service, it is
usually determined during the analysis and modeling stages that precede service con-
tract design. Once a service’s functional scope has been established, the other granular-
ity types come into play and affect both the modeling and physical design of the service
contract (Figure 8.11).
the quantity of logic
encapsulated by a service
capability determines the
level of capability granularity
Figure 8.11
The four granularity levels that represent various characteristics of a service and its contract.
Note that these granularity types are, for the most part, independent of each other.
8.2 Web Service Design Guidelines 211
Granularity is generally measured in terms of fine and coarse levels. It is worth acknowl-
edging that the use of the terms fine-grained and coarse-grained is highly subjective. What
may be fine-grained in one case may not be in another. The point is to understand how
these terms can be applied when comparing parts of a service or when comparing ser-
vices with each other.
NOTE
The term “constraint granularity” is not associated with the term constraint as it pertains to
REST.
Although the granularity at which services can be designed can vary, there is a ten-
dency to create APIs for Web services that are coarse-grained in order to get the most
out of each message exchange. Performance, of course, is critical to the success and ulti-
mate evolution of service-oriented solutions. However, other considerations also need
to be taken into account.
The coarser the granularity of a service contract, the less reuse it may be able to offer. If
multiple functions are bundled into a single operation, it may be undesirable for con-
sumers who only require the use of one of those functions. Additionally, some coarse-
grained APIs may actually impose redundant processing or data exchange by forcing
consumers to submit data not relevant to a particular activity.
Service contract granularity is a key strategic decision point that deserves a good deal
of attention during the service-oriented design phase. Here are some guidelines for
tackling this issue:
• Consider the use of secondary service contracts that support alternative, more
efficient communication protocols. Although it adds to its governance burden, it is
possible to support a second communications medium within a service inventory.
For example, it may be warranted to provide support for REST services alongside
SOAP-based Web services.
Regardless of your approach, ensure that it is consistent and predictable so that an SOA
can meet performance demands while remaining standardized.
TLS chose an approach to contract API granularity where services positioned for
use by consumers outside of TLS would provide consistently coarse-grained APIs.
Operations on these services would accept all the data required to process a particu-
lar activity. Further round-trips between external consumer and the service would
only be required if absolutely necessary or if internal policies demanded it. Services
used within TLS could provide less coarse-grained operations to facilitate reuse and
a broader range of potential (internal) consumers, as long as the processing overhead
imposed by less coarse-grained operations was acceptable.
SOA PATTERNS
Providing alternative contracts for the same service is addressed in the Concur-
rent Contracts [332] pattern. Adding redundant operations within the same Web
service contract is formalized via the Contract Denormalization [335] pattern.
Support for two communication protocols within the same service inventory is
described in the Dual Protocols [339] pattern.
services may need to be extended. While the application of Service Reusability (295)
and Service Composability (302) are thought through when partitioning logic as part
of the service modeling process, extensibility is more of a physical design quality that
needs to be considered during design.
Depending on the nature of the change, extensibility can sometimes be achieved with-
out breaking the existing service contract. It is important to design Web service opera-
tions and messages to be as activity-agnostic as possible. This supports the processing
of future non-specific values and functions that are still related to the operation’s or
message’s overall purpose. Furthermore, it is a good habit to respond to new processing
requirements by first investigating the possibility of composing other available services
(including services that can be purchased or leased). This may succeed in fulfilling
requirements without having to touch the service contract.
Note that extensions to an existing service contract will commonly impact its corre-
sponding XML schema. These extensions can be facilitated by supplying new schemas
specifically for the extension. Before going down this road, though, ensure that estab-
lished version control standards are firmly in place.
Due to the size of TLS’s organization, it is not uncommon for employees to be real-
located or to seek vertical or lateral position changes. The latter scenario is made fur-
ther common by the “promote from within” motto encouraged by many divisional
directors.
To implement this new requirement, the Timesheet service contract is not altered.
Instead, the underlying service logic is extended to invoke a separate utility service
that performs the profile verification.
214 Chapter 8: Service API and Contract Design with Web Services
SOA PATTERNS
It also allows you to leverage any existing XML Schema modules you may already
have designed. You can separate schemas into granular modules that represent indi-
vidual complex types. This establishes a centralized repository of schemas that can be
assembled into customized master schema defi nitions. By enabling you to import XML
Schema modules into the types construct of a WSDL definition, you now can have your
WSDL documents use those same schema modules.
TLS considers importing the bindings construct so that it can be reused and perhaps
even dynamically determined. However, it is later decided to leave the bindings
construct as part of the WSDL document. Example 8.8 shows how the import state-
ment is used to carry out this test.
<import namespace="http://.../common/wsdl/"
location="http://.../common/wsdl/bindings.wsdl"/>
Example 8.8
An import element used to pull in the bindings construct residing in a separate file.
8.2 Web Service Design Guidelines 215
http://schemas.xmlsoap.org/wsdl/
http://schemas.xmlsoap.org/wsdl/soap/
http://www.w3.org/2001/XMLSchema/
http://schemas.xmlsoap.org/wsdl/http/
http://schemas.xmlsoap.org/wsdl/mime/
http://schemas.xmlsoap.org/soap/envelope/
When assembling a WSDL from modules, additional namespaces come into play, espe-
cially when importing XML Schema definitions. Further, when defining your own ele-
ments, you can establish more namespaces to represent application-specific parts of the
WSDL documents. It is not uncommon for larger WSDL documents to contain up to ten
different namespaces and the qualifiers to go along with them. Therefore, it is highly
recommended that you organize the use of namespaces carefully within and across
WSDL documents.
Some of the common namespaces identified earlier are not required by the TLS
Employee service and therefore are omitted from the list of definitions attributes.
As shown in Example 8.9, the targetNamespace is added, along with two namespaces
associated with the two imported schemas.
<definitions name="Employee"
targetNamespace="http://www.xmltc.com/tls/employee/wsdl/"
xmlns="http://schemas.xmlsoap.org/wsdl/"
xmlns:act=
"http://www.xmltc.com/tls/employee/schema/accounting/"
xmlns:hr="http://www.xmltc.com/tls/employee/schema/hr/"
xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
216 Chapter 8: Service API and Contract Design with Web Services
xmlns:tns="http://www.xmltc.com/tls/employee/wsdl/"
xmlns:xsd="http://www.w3.org/2001/XMLSchema">
...
</definitions>
Example 8.9
The namespace declarations within the definitions element of the TLS Employee.wsdl file.
How these attributes are set is significant as it relates to the manner in which SOAP
message content is structured and represented.
The style attribute can be assigned a value of “document” or “rpc.” The former sup-
ports the embedding of entire XML documents within the SOAP body, whereas the lat-
ter is designed more to mirror traditional RPC communication and therefore supports
parameter type data.
The use attribute can be set to a value of “literal” or “encoded.” SOAP originally pro-
vided its own type system used to represent body content. Later, support for XML
Schema data types was incorporated. This attribute value indicates which type system
you want your message to use. The “literal” setting states that XML Schema data types
will be applied.
When considering these two attributes, the four following combinations are possible
and supported by SOAP:
• style:RPC + use:encoded
• style:RPC + use:literal
• style:document + use:encoded
• style:document + use:literal
In building the concrete part of the Employee service interface definition, TLS archi-
tects decide to use the style:document + use:literal combination, as shown in
Example 8.10.
<binding name="EmployeeBinding"
type="tns:EmployeeInterface">
<soap:binding style="document"
transport="http://schemas.xmlsoap.org/soap/http"/>
<operation name="GetWeeklyHoursLimit">
<soap:operation
soapAction="http://www.xmltc.com/soapaction"/>
<input>
<soap:body use="literal"/>
</input>
<output>
<soap:body use="literal"/>
</output>
</operation>
<operation name="UpdateHistory">
<soap:operation
soapAction="http://www.xmltc.com/soapaction"/>
<input>
<soap:body use="literal"/>
</input>
<output>
<soap:body use="literal"/>
</output>
</operation>
</binding>
Example 8.10
The binding construct of the TLS Employee.wsdl document.
This page intentionally left blank
Chapter 9
R EST service contracts are typically designed around the primary functions of
HTTP methods, which make the documentation and expression of REST service
contracts distinctly different from operation-based Web service contracts. Regardless of
the differences in notation, the same overarching contract-first approach to designing
REST service contracts is paramount when building services for a standardized service
inventory.
This chapter provides service contract design guidance for service candidates modeled
as a result of the service-oriented analysis stage covered in Chapter 7.
Note that the physical design of REST service contract APIs may reveal functional
requirements that are more suitable for alternative implementation mediums. The need
to design a richer API or transactional functionality, for example, can warrant consider-
ation of the use of SOAP-based Web services, as explained in Chapter 8.
9.1 Service Model Design Considerations 221
SOA PATTERNS
As per the Dual Protocols [339] pattern, services within the same service inven-
tory may be based on different implementation mediums and communication
protocols. For example, REST services may reside alongside SOAP-based Web
services.
The Concurrent Contracts [332] and Service Façade [360] patterns can be further
applied to enable the same body of service logic to expose alternative service con-
tracts in support of two standard communication protocols.
REST entity service contracts are typically dominated by service capabilities that
include inherently idempotent and reliable GET, PUT, or DELETE methods. Entity ser-
vices may need to support updating their state consistently with changes to other entity
services. Entity services will also often include query capabilities for finding entities or
parts of entities that match certain criteria, and therefore return hyperlinks to related
and relevant entities.
Figure 9.1 provides an example of an entity service with two standard HTTP methods
and two complex methods.
Complex methods are covered toward the end of this chapter in the Complex Method
Design section.
Figure 9.1
An entity service based on the Invoice business Invoice
entity that defines a functional scope that limits
the service capabilities to performing invoice- GET /invoice/
{invoice-id}
related processing. This agnostic Invoice service
will be reused and composed by other services PUT /invoice/
{invoice-id}/customer
within the same service inventory in support of
Fetch /invoice/
different automated business processes that need
{invoice-id}
to process invoice-related data. This particular
Store /invoice/
invoice service contract displays two service {invoice-id}/customer
capabilities based on primitive methods and two
service capabilities based on complex methods.
SOA PATTERNS
Whereas individual utility services group related service capabilities, the services’
functional boundaries can vary dramatically. The example illustrated in Figure 9.2 is a
utility service acting as a wrapper for a legacy system.
9.1 Service Model Design Considerations 223
Figure 9.2
HR
This utility service contract encapsulates a legacy System
HR system (and is accordingly named). The service
capabilities it exposes provide generic, read-only GET /timesheet/
{timesheet-id}
data access functions against the data stored in
the underlying legacy repository. For example, the GET /employee/
{employee-id}/
Employee entity service (composed by the Verify
GET
Timesheet task service) may invoke an employee /employeehistory/
data-related service capability to retrieve data. {date}/
This type of utility service may provide access to GET /payroll/
one of several available sources of employee and {scale-id}
HR-related data.
SOA PATTERNS
Utility services are more likely to warrant support for alternative communication
protocols, which makes the application of the Dual Protocols [339], Concurrent
Contracts [332], and Service Façade [360] patterns more likely than with entity
services. Another pattern commonly applied during the utility service contract
design stage is Legacy Wrapper [347].
Microservice Design
The predominant design consideration that applies to microservice contracts is the flex-
ibility we have in how we can approach contract design. Due to the fact that microser-
vices are typically based on an intentionally non-agnostic functional context, they will
usually have limited service consumers. Sometimes a microservice may only have a
single service consumer. Because we assume that the microservice will never need to
facilitate any other service consumers in the future (because it is not considered reus-
able outside of a business process), the application of a number of service-orientation
principles becomes optional.
Most notably, this includes the Standardized Service Contract (291) principle. Micro-
service APIs can be, to a certain extent, non-standard so that their individual capabilities
can be optimized in support of their runtime performance and reliability requirements.
This flexibility further carries over to the application of the Service Abstraction (294)
and Service Loose Coupling (293) principles.
224 Chapter 9: Service API and Contract Design with REST Services and Microservices
Exceptions to this design freedom pertain primarily to how the microservice interacts
as part of the greater service composition. The cost of achieving the individual perfor-
mance requirements of a microservice needs to be weighed against the requirements of
the overall service-oriented solution it is a part of.
For example, the Standardized Service Contract (291) principle may need to be applied
to an extent to ensure that a microservice contract is designed to support a standard
schema that represents a common business document. Allowing the microservice to
introduce a non-standard schema may benefit the processing efficiency of the microser-
vice, but the resulting data transformation requirements for that data to be transformed
into the standard schema used by the remaining service composition members may be
unreasonable.
Figure 9.3 shows the service contract for the microservice that was modeled in Chapter 6.
Figure 9.3
Confirm
A microservice contract with a single- Authorization
purpose, non-agnostic functional scope.
The service provides three capabilities Confirm
specific to and in support of its parent
business process.
SOA PATTERNS
In addition to the Dual Protocols [339], Concurrent Contracts [332], Service Façade
[360], and Legacy Wrapper [347] patterns, REST-based microservices will com-
monly require the application of the Microservice Deployment [349] pattern and
possibly the application of the Containerization [333] pattern.
REST-based task services will often have service capabilities triggered by a POST
request. However, this method is not inherently reliable. A number of techniques exist
to achieve a reliable POST, including the inclusion of additional headers and handling
of response messages, or the inclusion of a unique consumer-generated request identi-
fier in the resource identifier.
To provide input to a parameterized task service it will make sense for the task service
contract to include various identifiers into the capability’s resource identifier template
(that might have been parameters in a SOAP message). This frees up the service to
expose additional resources rather than defi ning a custom media type as input to its
processing.
If the task service automates a long-running business process it will return an interim
response to its consumer while further processing steps may still need to take place. If
the task service includes additional capabilities to check on or interact with the state of
the business process (or composition instance), it will typically include a hyperlink to
one or more resources related to this state in the initial response message.
Figure 9.4
Validate
A sample task service, recognizable by the verb Timesheet
in its name. The contract only provides a service
capability used by the composition initiator to trigger POST /start/
{timesheet,
the execution of the Validate Timesheet business
request-id}
process that the task service logic encapsulates. In
GET /task/{id}
this case, the service capability receives a timesheet
DELETE /task/{id}
resource identifier that will be used as the basis of the
validation logic, plus a unique consumer-generated
request identifier that supports reliable triggering of
the process. Two additional service capabilities allow
consumers to asynchronously check on the progress
of the timesheet validation task, and to cancel the task
while it is in progress.
226 Chapter 9: Service API and Contract Design with REST Services and Microservices
MUA follows proven REST service contract design techniques together with cus-
tom design standards established specifically for the MUA enterprise. Architects use
select service candidates modeled in Chapter 7 as the basis for their service contract
designs.
Upon receiving the submission, a server-side script organizes the form data into an
XML document based on the following media type:
application/vnd.edu.mua.student-award-conferral-application+xhtml+xml
Example 9.1 provides a submitted application form completed with sample data col-
lected from the human user. This represents the data set that kickstarts and drives
the execution of an entire instance of the Confer Student Award business process.
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
<title>Student Award Conferral Application</title>
</head>
<body>
<p>Student:
<a rel="student"
href="http://student.mua.edu/student/555333">
John Smith (Student Number 555333)
</a>
</p>
<p>Award:
<a rel="award"
href="http://award.mua.edu/award/BS/CompSci">
Bachelor of Science with Computer Science Major
</a>
</p>
9.1 Service Model Design Considerations 227
<p>Event:
<a rel="event"
href="http://event.mua.edu/achievement">
Outstanding Achievement
</a>
</p>
</body>
</html>
Example 9.1
Sample application data, as submitted to the Web server. This document structure contains both human-readable and
machine-processable information.
• GET /task/{id} – This capability allows the state of an executing instance of the
Confer Student Award business process to be queried.
Note that the sensitive nature of this kind of application means that the GET /task/
{id} capability can be accessed only by authorized staff and by the student. The
DELETE /task/{id} capability is only accessible by the student to cancel the applica-
tion process.
228 Chapter 9: Service API and Contract Design with REST Services and Microservices
The Event entity service is equipped with a GET /event/{id} service capability, which
is used to query event information and corresponds to the Get Details capability
candidate from the Event service candidate (Figure 9.6).
Back in Chapter 7, MUA analysts determined that the following action was to be
encompassed by the Confer Student Award task service logic:
• Verify Student Transcript Qualifies for Award Based on Award Conferral Rules
However, with the rules being specific to each award type they determine that it
should be the Award entity service that applies the bulk of these rules. Nevertheless,
some generic checks do need to be applied so the logic is divided between the Confer
Student Award task service and the Award entity service.
To avoid requiring the task service to pass full transcript details into the Award
entity service for verification, it is decided to use a code-on-demand approach. The
Award entity service provides the logic, but the logic is executed by the task ser-
vice. The decision to define the logic centrally within the Award entity service is
justified based on the need to produce human-readable output (for students), along-
side machine-readable output (for the Confer Student Award service). As a result,
the Entity service provides a new GET /award/conferral-rules service capability
(Figure 9.7) that supports the output of two formats for the rules logic: the fi rst in
9.1 Service Model Design Considerations 229
The Notification service is retained for email notifications while the Document
service has been evolved into a printer-centric and postal delivery–centric utility ser-
vice. The Confer Student Award task service can send a document to the student in
the preferred format by looking up the preferred delivery method in the original
application form.
As shown in Figure 9.10, the Notification and Document services can each be invoked
with the POST method.
Figure 9.10
The Notification and Document
service contracts.
The sample student (John Smith) from the application form used as input for the
Confer Student Award task service has nominated his contact preference with a
hyperlink to mailto:[email protected]. The service inventory standard
for handling such an address is to transform the URL into http://notification.
mua.edu/[email protected] and use a POST method for its
delivery. John Smith’s notification will be delivered via email to this address.
9.2 REST Service Design Guidelines 231
The following sections explore how common elements of a uniform contract (methods,
media types, and exceptions in particular) can be customized to meet the needs of indi-
vidual service inventories.
NOTE
Less well-known HTTP methods have come and gone in the past. For example, at vari-
ous times the HTTP specification has included a PATCH method consistent with a partial
update or partial store communications mechanism. PATCH is currently specified sepa-
rately from HTTP methods in the IETF’s RFC 5789 document. Other IETF specifications,
such as WebDAV’s RFC 4918 and the Session Initiation Protocol’s RFC 3261, introduced
new methods as well as new headers and response codes (or special interpretations
thereof).
232 Chapter 9: Service API and Contract Design with REST Services and Microservices
HTTP provides a solid foundation by supplying the basic set of methods (such as GET,
PUT, DELETE, POST) proven by use on the Web and widely supported by off-the-shelf
software components and hardware devices. But the need to express other types of
interactions for a service inventory may arise. For example, you may decide to add a
special method that can be used to reliably trigger a resource to execute a task at most
once, rather than using the less reliable HTTP POST method.
HTTP is designed to be extended in these ways. The HTTP specification explicitly sup-
ports the notion of extension methods, customized headers, and extensibility in other
areas. Leveraging this feature of HTTP can be effective, as long as new extensions are
added carefully and at a rate appropriate for the number of services that implement
HTTP within an inventory. This way, the total number of options for moving data
around (that services and consumers are required to understand) remains manageable.
NOTE
At the end of this chapter we explore a set of sample extended methods (referred to as
complex methods). Each utilizes multiple basic HTTP methods or a single basic HTTP
method multiple times to perform pre-defined, standardized message interactions.
Common circumstances that can warrant the creation of new methods include:
Some alternatives to creating new methods can also be explored. For example, service
interactions that require a number of steps can use hyperlinks to guide consumers
through the requests they need to make. The HTTP Link header (RFC 5988) can be con-
sidered to keep these hyperlinks separate from the actual document content.
SOA PATTERNS
Working with and customizing the uniform interface pertains to the natural
application of the Reusable Contract [355] pattern.
• To add parameters related to a response code. For example, the Location header
can be used with the 201 Created response code to indicate the identifier of a
newly created resource.
This type of general metadata may be used in conjunction with any HTTP method.
HTTP headers can also be utilized to add rich metadata. For this purpose custom head-
ers are generally required, which reintroduces the need to determine whether or not
the message content must be understood by recipients or whether it can optionally be
ignored. This association of must-understand semantics with new methods and must-
ignore semantics with new message headers is not an inherent feature of REST, but it is
a feature of HTTP.
When introducing custom HTTP headers that can be ignored by services, regular HTTP
methods can safely be used. This also makes the use of custom headers backwards-
compatible when creating new versions of existing message types.
As previously stated in the Designing and Standardizing Methods section, new HTTP
methods can be introduced to enforce must-understand content by requiring services
to either be designed to support the custom method or to reject the method invocation
attempt altogether. In support of this behavior, a new Must-Understand header can be
created in the same format as the existing Connection header, which would list all the
headers that need to be understood by message recipients.
If this type of modification is made to HTTP, it would be the responsibility of the SOA
Governance Program Office responsible for the service inventory to ensure that these
semantics are implemented consistently as part of inventory-wide design standards. If
custom, must-understand HTTP headers are successfully established within a service
inventory, we can explore a range of applications of messaging metadata. For example,
we can determine whether it is possible or feasible to emulate messaging metadata such
as what is commonly used in SOAP messaging frameworks based on WS-* standards.
While custom headers that enforce reliability or routing content (as per the
WS-ReliableMessaging and WS-Addressing standards) can be added to recreate
acknowledgement and intelligent load balancing interactions, other forms of WS-*
functions are subject to built-in limitations of the HTTP protocol. The most prominent
example is the use of WS-Security to enable message-level security features, such as
encryption and digital signatures. Message-level security protects messages by actu-
ally transforming the content so that intermediaries along a message path are unable to
read or alter message content. Only those message recipients with prior authorization
are able to access the content.
This type of message transformation is not supported in HTTP/1.1. HTTP does have
some basic features for transforming the body of the message alone through its
9.2 REST Service Design Guidelines 235
A given response message can contain any one of a wide variety of HTTP codes, each
of which has a designated number. Certain ranges of code numbers are associated with
particular types of conditions, as follows:
• 200-299 are general success codes used to describe various kinds of success
conditions.
• 300-399 are redirection codes used to request that the consumer retry a request to
a different resource identifier, or via a different intermediary.
• 400-499 represent consumer-side error codes that indicate that the consumer has
produced a request that is invalid for some reason.
• 500-599 represent service-side error codes that indicate that the consumer’s
request may have been valid but that the service has been unable to process it for
internal reasons.
The consumer-side and service-side exception categories are helpful for “assigning
blame” but do little to actually enable service consumers to recover from failure. This is
because, while the codes and reasons provided by HTTP are standardized, how service
236 Chapter 9: Service API and Contract Design with REST Services and Microservices
consumers are required to behave upon receiving response codes is not. When stan-
dardizing service design for a service inventory, it is necessary to establish a set of con-
ventions that assign response codes concrete meaning and treatment.
Table 9.1 provides common descriptions of how service consumers can be designed to
respond to common response codes.
Response
Reason Phrase Treatment
Code
200 OK Success
Response
Reason Phrase Treatment
Code
Response
Reason Phrase Treatment
Code
Response
Reason Phrase Treatment
Code
Table 9.1
HTTP response codes and typical corresponding consumer behavior.
As is evident when reviewing Table 9.1, HTTP response codes go well beyond the simple
distinction between success and failure. They provide an indication of how consumers
can respond to and recover from exceptions.
Let’s take a closer look at some of the values from the Treatment column in Table 9.1:
• Repeat means that the consumer is encouraged to repeat the request, taking into
account any delay specified in responses such as 503 Service Unavailable. This
may mean sleeping before trying again. If the consumer chooses not to repeat the
request, it must treat the method as failed.
• Success means the consumer should treat the message transmission as a success-
ful action and must therefore not repeat it. (Note that specific success codes may
require more subtle interpretation.)
• Failed means that the consumer must not repeat the request unchanged, although
it may issue a new request that takes the response into account. The consumer
should treat this as a failed method if a new request cannot be generated. (Note
that specific failure codes may require more subtle interpretation.)
• Indeterminate means that the consumer needs to modify its request in the manner
indicated. The request must not be repeated unchanged and a new request that
takes the response into account should be generated. The final outcome of the
interaction will depend on the new request. If the consumer is unable to generate
a new request then this code must be treated as failed.
Because HTTP is a protocol and not a set of message processing logic, it is up to the
service to decide what status code (success, failure, or otherwise) to return. As previ-
ously mentioned, because consumer behavior is not always sufficiently standardized by
REST for machine-to-machine interactions, it needs to be explicitly and meaningfully
standardized as part of an SOA project.
240 Chapter 9: Service API and Contract Design with REST Services and Microservices
For example, indeterminate codes tend to indicate that service consumers must handle
a situation using their own custom logic. We can standardize these types of codes in
two ways:
• Design standards can determine which indeterminate codes can and cannot be
issued by service logic.
• Design standards can determine how service consumer logic must interpret those
indeterminate codes that are allowed.
Specific service inventories can follow this approach by introducing custom response
codes as part of the service inventory design standards. In support of the Uniform Con-
tract {311} constraint, custom response codes should only be defined at the uniform
contract level, not at the REST service contract level.
When creating custom response codes, it is important that they be numbered based on
the range they fall in. For example, 2xx codes should be communicating success, while
4xx codes should only represent failure conditions.
Consumers can associate generic logic to handle response codes in each of these ranges,
but may also need to associate specific logic to specific codes. Some codes can be limited
9.2 REST Service Design Guidelines 241
so that they are only generated if the consumer requests a special feature of HTTP,
which means that some codes can be left unimplemented by consumers that do not
request these features.
Uniform contract exceptions are generally standardized within the context of a particu-
lar new type of interaction that is required between services and consumers. They will
typically be introduced along with one or more new methods and/or headers. This con-
text will guide the kind of exceptions that are created. For example, it may be necessary
to introduce a new response code to indicate that a request cannot be fulfilled due to a
lock on a resource. (WebDAV provides the 423 Locked code for this purpose.)
When introducing and standardizing custom response codes for a service inventory
uniform contract, we need to ensure that:
• The extent to which service consumer behavior is regulated and is not too restric-
tive so that the code can apply to a large range of potential situations
• Code values are set to avoid potential collision with response codes from relevant
external protocol specifications
• Code values are set to avoid collision with custom codes from other service inven-
tories (in support of potential cross-service inventory message exchanges that may
be required)
Response code numeric ranges can be considered a form of exception inheritance. Any
code within a particular range is expected to be handled by a default set of logic, just as
if the range were the parent type for each exception within that range.
In this section we have briefly explored response codes within the context of HTTP.
However, it is worth noting that REST can be applied with other protocols (and other
response codes). It is ultimately the base protocol of a service inventory architecture
that will determine how normal and exceptional conditions are reported.
For example, you could consider having a REST-based service inventory standardized
on the use of SOAP messages that result in SOAP-based exceptions instead of HTTP
exception codes. This allows the response code ranges to be substituted for inheritance
of exceptions.
242 Chapter 9: Service API and Contract Design with REST Services and Microservices
Some common media types from the Web to consider for service inventories and ser-
vice contracts include:
Before inventing new media types for use within a service inventory, it is advisable to
first carry out a search of established industry media types that may be suitable.
Whether choosing existing media types or creating custom ones, it is helpful to con-
sider the following best practices:
• Each specific media type should ideally be specific to a schema. For exam-
ple, application/xml or application/json are not schema-specific, while
application/atom+xml used as a syndication format is specific enough to be
useful for content negotiation and to identify how to process documents.
• Media types should be abstract in that they specify only as much information as
their recipients need to extract via their schemas. Keeping media types abstract
allows them to be reused within more service contracts.
9.2 REST Service Design Guidelines 243
• New media types should reuse mature vocabularies and concepts from industry
specifications whenever appropriate. This reduces the risk that key concepts have
been missed or poorly constructed, and further improves compatibility with other
applications of the same vocabularies.
• Custom media types should be defi ned with must-ignore semantics or other
extension points that allow new data to be added to future versions of the media
type without old services and consumers rejecting the new version.
All media types that are either invented for a particular service inventory or reused
from another source should be documented in the uniform contract profile, alongside
the definition of uniform methods.
HTTP uses Internet media type identifiers that conform to a specific syntax. Custom
media types are usually identified with the notation:
application/vnd.organization.type+supertype
where application is a common prefix that indicates that the type is used for machine
consumption and standards. The organization field identifies the vendor namespace,
which can optionally be registered with IANA.
The type part is a unique name for the media type within the organization, while the
supertype indicates that this type is a refi nement of another media type. For example,
application/vnd.com.examplebooks.purchase-order+xml may indicate that:
• The type is vendor-specific, and the organization that has defi ned the type is
“examplebooks.com.”
244 Chapter 9: Service API and Contract Design with REST Services and Microservices
• The type is for purchase orders (and may be associated with a canonical Purchase
Order XML schema).
• The type is derived from XML, meaning that recipients can unambiguously
handle the content with XML parsers.
Types meant for more general interorganizational use can be defi ned with the media
type namespace of the organization ultimately responsible for defining the type.
Alternatively, they can be defined without the vendor identification information in
place by registering each type directly, following the process defined in the RFC 4288
specification.
SOA PATTERNS
The Content Negotiation [334] pattern formalizes the native ability of REST ser-
vices to process media type information at runtime.
For this to be successful, especially with larger collections of services, schemas need
to be designed to be flexible. This means that it is generally preferable for schemas to
enforce a coarse level of validation constraint granularity that allows each schema to be
applicable for use with a broader range of data interaction requirements.
REST requires that media types and their schemas be defined only at the uniform
contract level. If a service capability requires a unique data structure for a response
message, it must still use one of the canonical media types provided by the uniform
contract. Designing schemas to be flexible and weakly typed can accommodate a vari-
ety of service-specific message exchange requirements, but perhaps not for all cases.
Example 9.2
One of the most straightforward ways of making a media type more reusable is to design the schema to support a list of zero
or more items. This enables the media type to permit one instance of the underlying type, but also allows queries that return
zero or more instances. Making individual elements within the document optional can also increase reuse potential.
SOA PATTERNS
• No new canonical schema should be created due to the fact that it would not
be reusable by other services
246 Chapter 9: Service API and Contract Design with REST Services and Microservices
The standardization of HTTP on the World Wide Web results in a protocol specification
that describes the things that services and consumers “may,” “should,” or “must” do
to be compliant with the protocol. The resulting level of standardization is intention-
ally only as high as it needs to be to ensure the basic functioning of the Web. It leaves a
number of decisions as to how to respond to different conditions up to the logic within
individual services and consumers. This “primitive” level of standardization is impor-
tant to the Web, where we can have numerous foreign service consumers interacting
with third-party services at any given time.
For example, let’s say that we would like to introduce a design standard whereby all
accounting-related documents (invoices, purchase orders, credit notes, etc.) must be
retrieved with logic that, upon encountering a retrieval failure, automatically retries the
retrieval a number of times. The logic would further require that subsequent retrieval
attempts do not alter the state of the resource representing the business documents
(regardless of whether a given attempt is successful).
9.2 REST Service Design Guidelines 247
With this type of design standard, we are essentially introducing a set of rules and
requirements as to how the retrieval of a specific type of document needs to be carried
out. These are rules and requirements that cannot be expressed or enforced via the
base, primitive methods provided by HTTP. Instead, we can apply them in addition to
the level of standardization enforced by HTTP by assembling them (together with other
possible types of runtime functions) into aggregate interactions. This is the basis of the
complex method.
As previously stated, complex methods are generally customized for and standardized
within a given service inventory. For a complex method to be standardized, it needs to
be documented as part of the service inventory architecture specification. We can define
a number of common complex methods as part of a uniform contract that then become
available for implementation by all services within the service inventory.
Complex methods have distinct names. The complex method examples that we’re cov-
ering are called:
• Fetch – A series of GET requests that can recover from various exceptions
• Store – A series of PUT or DELETE requests that can recover from various
exceptions
• Delta – A series of GET requests that keep a consumer in sync with changing
resource state
Services that support a complex method communicate this by showing the method
name as part of a separate service capability (Figure 9.11), alongside the primitive meth-
ods that the complex method is built upon. When project teams create consumer pro-
grams for certain services, they can determine the required consumer-side logic for a
complex method by identifying what complex methods the service supports, as indi-
cated by its published service contract.
Figure 9.11
An Invoice service contract displaying two Invoice
service capabilities based on primitive methods
and two service capabilities based on complex GET /invoice/
{invoice-id}
methods. We can initially assume that the two
complex methods incorporate the use of the PUT /invoice/
{invoice-id}/customer
two primitive methods, and proceed to confirm
Fetch /invoice/
this by studying the design specification that
{invoice-id}
documents the complex methods.
Store /invoice/
{invoice-id}/customer
NOTE
When applying the Service Abstraction (294) principle to REST service composition design,
we may exclude entirely describing some of the primitive methods from the service contract.
This can be the result of design standards that only allow the use of a complex method in
certain situations. Going back to the previous example about the use of a complex method
for retrieving accounting-related documents, we may have a design standard that prohib-
its these documents from being retrieved via the regular GET method (because the GET
method does not enforce the additional reliability requirements).
It is important to note that the use of complex methods is by no means required. Out-
side of controlled environments in which complex methods can be safely defined, stan-
dardized, and applied in support of the Increased Intrinsic Interoperability goal, their
use is uncommon and generally not recommended. When building a service inventory
architecture, we can opt to standardize on certain interactions through the use of com-
plex methods or we can choose to limit REST service interaction to the use of primitive
methods only. This decision will be based heavily on the distinct nature of the business
requirements addressed and automated by the services in the service inventory.
Despite their name, complex methods are intended to add simplicity to service inven-
tory architecture. For example, let’s imagine we decide not to use pre-defined complex
9.2 REST Service Design Guidelines 249
methods and then realize that there are common rules or policies that we applied to
numerous services and their consumers. In this case, we will have built the common
interaction logic redundantly across each individual consumer-service pair. Because
the logic was not standardized, its redundant implementations will likely exist differ-
ently. When we need to change the common rules or policies, we will need to revisit
each redundant implementation accordingly. This maintenance burden and the fact
that the implementations will continue to remain out of sync make this a convoluted
architecture that is unnecessarily complex. This is exactly the problem that the use of
complex methods is intended to avoid.
The upcoming sections introduce a set of sample complex methods organized into two
sections:
Note that these methods are by no means industry standard. Their names and the type
of message interactions and primitive method invocations they encompass have been
customized to address common types of functionality.
NOTE
The Case Study Example at the end of this chapter further explores this subject matter. In
this example, in response to specific business requirements, two new complex methods
(one stateless, the other stateful) are defined.
Fetch Method
Instead of relying only on a single invocation of the HTTP GET method (and its associ-
ated headers and behavior) to retrieve content, we can build a more sophisticated data
retrieval method with features such as
• Required support for runtime content negotiation to ensure the service consumer
receives data in a form it understands
250 Chapter 9: Service API and Contract Design with REST Services and Microservices
• Required redirection support to ensure that changes to the service contract can be
gracefully accommodated by service consumers
We’ll refer to this type of enhanced read-only complex method as a Fetch. Figure 9.12
shows an example of a pre-defined message interaction of a Fetch method designed to
perform content negotiation and automatic retries.
: Consumer : Service
1: Start Request()
3: Redirection(resource)
6: Sleep()
Figure 9.12
An example of a Fetch complex method comprised of consecutive GET method calls.
Store Method
When using the standard PUT or DELETE methods to add new resources, set the state
of existing resources, or remove old resources, service consumers can suffer request
timeouts or exception responses. Although the HTTP specification explains what each
exception means, it does not impose restrictions as to how they should be handled. For
this purpose, we can create a custom Store method to standardize necessary behavior.
The Store method can have a number of the same features as a Fetch, such as requiring
automatic retry of requests, content negotiation support, and support for redirection
9.2 REST Service Design Guidelines 251
exceptions. Using PUT and DELETE, it can also defeat low bandwidth connections by
always sending the most recent state requested by the consumer, rather than needing to
complete earlier requests first.
The same way that individual primitive HTTP methods can be idempotent, the Store
method can be designed to behave idempotently. By building upon primitive idem-
potent methods, any repeated, successful request messages will have no further effect
after the first request message is successfully executed.
• A “toggle” request would not be idempotent because repeating the request toggles
the state back to “Unpaid.”
• The “PUT” request is idempotent when setting the invoice to “Paid” because it has
the same effect, no matter how many times the request is repeated.
It is important to understand that the Store and its underlying PUT and DELETE
requests are requests to service logic, not an action carried out on the service’s under-
lying database. As shown in Figure 9.13, these types of requests are stated in an idem-
potent manner in order to efficiently allow for the retrying of requests without the need
for sequence numbers to add reliable messaging support.
: Consumer : Service
1: Start Request()
2: PUT(resource, representation)
3: Redirection(resource)
4: PUT(resource, representation)
6: Sleep()
7: PUT(resource, representation)
Figure 9.13
An example of the interaction carried out by a Store complex method.
252 Chapter 9: Service API and Contract Design with REST Services and Microservices
NOTE
Service capabilities that incorporate this type of method are an example of the application
of the Idempotent Capability [345] pattern.
Delta Method
It is often necessary for a service consumer to remain synchronized with the state of a
changing resource. The Delta method is a synchronization mechanism that facilitates
stateless synchronization of the state of a changing resource between the service that
owns this state and consumers that need to stay in alignment with the state.
The Delta method follows processing logic based on the following three basic functions:
2. The consumer gets a URL referring to the location in the history that represents
the last time the consumer queried the state of the resource.
3. The next time the consumer queries the resource state, the service (using the URL
provided by the consumer) returns a list of changes that have occurred since the
last time the consumer queried the resource state.
The service provides a “main” resource that responds to GET requests by returning the
current state of the resource. Next to the main resource it provides a collection of “delta”
resources that each return the list of changes from a nominated point in the history
buffer.
The consumer of the Delta method activates periodically or when requested by the core
consumer logic. If it has a delta resource identifier it sends its request to that location.
If it does not have a delta resource identifier, it retrieves the main resource to become
synchronized. In the corresponding response the consumer receives a link to the delta
for the current point in the history buffer. This link will be found in the Link header
(RFC 5988) with relation type Delta.
9.2 REST Service Design Guidelines 253
: Consumer : Service
1: Start Request()
4: Fetch Delta()
6: No Content
8: Fetch Delta()
14: Gone
Figure 9.14
An example of the message interaction encompassed by the Delta complex method.
254 Chapter 9: Service API and Contract Design with REST Services and Microservices
The requested delta resource can be in any one of the following states:
1. It can represent a set of one or more changes that have occurred to the main
resource since the point in history that the delta resource identifier refers to. In
this case, all changes in the history from the nominated point are returned along
with a link to the new delta for the current point in the history buffer. This link
will be found in the Link header with relation type Next.
2. It may not have a set of changes because no changes have occurred since its nomi-
nated point in the history buffer, in which case it can return the 204 No Content
response code to indicate that the service consumer is already up-to-date and can
continue using the delta resource for its next retrieval.
3. Changes may have occurred, but the delta has already expired because the nomi-
nated point in history is now so old that the service has elected not to preserve the
changes. In this situation, the resource can return a 410 Gone code to indicate that
the consumer has lost synchronization and should re-retrieve the main resource.
Delta resources use the same caching strategy as the main resource.
The service controls how many historical deltas it is prepared to accumulate, based on
how much time it expects consumers will take (on average) to get up-to-date. In certain
cases where a full audit trail is maintained for other purposes, the number of deltas can
be indefinite. The amount of space required to keep this record is constant and predict-
able regardless of the number of consumers, leaving each individual service consumer
to keep track of where it is in the history buffer.
Async Method
This complex method provides pre-defined interactions for the successful and canceled
exchange of asynchronous messages. It is useful for when a given request requires more
time to execute than what the standard HTTP request timeouts allow.
Normally if a request takes too long, the consumer message processing logic will time
out or an intermediary will return a 504 Gateway Timeout response code to the service
consumer. The Async method provides a fallback mechanism for handling requests
and returning responses that does not require the service consumer to maintain its
HTTP connection open for the total duration of the request interaction.
As shown in Figure 9.15, the service consumer issues a request, but does so specifying
a call-back resource identifier. If the service chooses to use this identifier, it responds
9.2 REST Service Design Guidelines 255
with the 202 Accepted response code, and may optionally return a resource identifier
in the Location header to help it track the place of the asynchronous request in its
processing queue.
When the request has been fully processed, its result is delivered by the service, which
then issues a request to the callback address of the service consumer. If the service
consumer issues a DELETE request (as shown in Figure 9.16) while the Async request is
still in the processing queue (and before a response is returned), a separate pre-defined
interaction is carried out to cancel the asynchronous request. In this case, no response
is returned and the service cancels the processing of the request.
: Consumer : Service
1: Start Request()
3: Accepted(request resource)
4: Begin Processing()
6: OK
Figure 9.15
An asynchronous request interaction encompassed by the Async complex method.
Figure 9.16
An asynchronous cancel interaction encompassed by the Async complex method.
256 Chapter 9: Service API and Contract Design with REST Services and Microservices
If the consumer cannot listen for callback requests, it can use the asynchronous request
identifier to periodically poll the service. After the request has been successfully han-
dled, it is possible to retrieve its result using the previously described Fetch method
before deleting the asynchronous request state. Services that execute either interaction
encompassed by this method must have a means of purging old asynchronous requests
if service consumers are unavailable to pick up responses or otherwise “forget” to delete
request resources.
Trans Method
The Trans method essentially provides the interactions necessary to carry out a two-
phase commit between one service consumer and one or more services. Changes made
within the transaction are guaranteed to either successfully propagate across all partici-
pating services, or all services are rolled back to their original states.
This type of complex method requires a “prepare” function for each participant before
a final commit or rollback is carried out. Functionality of this sort is not natively sup-
ported by HTTP. Therefore, we need to introduce a custom PREP-PUT method (a vari-
ant of the PUT method), as shown in Figure 9.17.
In this example the PREP-PUT method is the equivalent of PUT, but it does not commit
the PUT action. A different method name is used to ensure that if the service does not
understand how to participate in the Trans complex method, it then rejects the PREP-
PUT method and allows the consumer to abort the transaction.
Carrying out the logic behind a typical Trans complex method will usually require the
involvement of a transaction controller to ensure that the commit and rollback func-
tions are truly and reliably carried out with atomicity.
9.2 REST Service Design Guidelines 257
: Consumer : Service
1: Start Request()
4: OK
7: OK
Figure 9.17
An example of a Trans complex method, using a custom primitive method called PREP-PUT.
PubSub Method
A variety of publish-subscribe options are available after it is decided to intentionally
breach the Stateless {308} constraint. These types of mechanisms are designed to sup-
port real-time interactions in which a service consumer must act immediately when
some pre-determined event at a given resource occurs.
There are various ways that this complex method can be designed. Figure 9.18 illus-
trates an approach that treats publish-subscribe messaging as a “cache-invalidation”
mechanism.
The amount of state required to manage these subscriptions is bound to one fixed-sized
record for each service consumer. If multiple invalidations queue up for a particular
subscribed event, they can be folded together into a single notification. Regardless of
whether the consumer receives one or multiple invalidation messages, it will still only
need to invoke one Fetch method to bring itself up-to-date with the state of its resources
each time it sees one or more new invalidation messages.
258 Chapter 9: Service API and Contract Design with REST Services and Microservices
: Consumer : Service
1: Start Request()
3: Created(subscription resource)
4: Resource changed()
5: EXPIRE(callback resource)
6: OK
7: Begin fetch()
10: Unsubscribe()
12: OK
Figure 9.18
An example of a PubSub complex method based on cache invalidation. When the service determines that
something has changed on one or more resources, it issues cache expiry notifications to its subscribers. Each
subscriber can then use a Fetch complex method (or something equivalent) to bring the subscriber up-to-date
with respect to the changes.
The PubSub method can be further adjusted to distribute subscription load and session
state storage to different places around the network. This technique can be particularly
effective within cloud-based environments that naturally provide multiple, distributed
storage resources.
SOA PATTERNS
The Event-Driven Messaging [343] pattern can be applied in support of this com-
plex method. It provides an alternative to the repeated polling of the resource,
which can negatively impact performance if the polling frequency is increased to
detect changes with minimal delay.
9.2 REST Service Design Guidelines 259
The MUA team responsible for service design encounters a number of requirements
for accessing and updating resource state. For example:
• One service consumer needs to atomically read the state of the resource,
perform processing, and store the updated state back to the resource.
• Another service consumer needs to support concurrent user actions that mod-
ify the same resource. These actions update certain resource properties while
others need to remain the same.
Allowing individual services consumers to contain different custom logic that per-
forms these types of functions will inadvertently lead to problems and runtime
exceptions when any two service consumers attempt updates to the same resource
at the same time.
MUA architects conclude that the simplest way to avoid this is to introduce a new
complex method that ensures that a resource is locked while being updated by a
given consumer. Using the rules of optimistic locking, an approach commonly used
with database updates, they are able to create a complex method that is stateless and
takes advantage of existing standard features of the HTTP protocol. They name the
method “OptLock” and write up an official description that is made part of the uni-
form contract profile.
Specifically, a consumer will first retrieve the current state associated with a resource
identifier using the Fetch method. Along with the data, the consumer also receives an
“ETag.” ETag is a concept from HTTP that uniquely identifies the version of a resource
in an opaque fashion. Whenever the resource changes state, its ETag is guaranteed to
be different. When the service consumer initiates a Store, it does so conditionally by
requesting the service to only honor the Store interaction if the resource’s ETag still
260 Chapter 9: Service API and Contract Design with REST Services and Microservices
matches the one that it had when fetched. This is done with the If-Match header.
The service can use the ETag value in the condition to detect whether the resource
state has been changed in the meantime.
: Consumer : Service
1: Start Request()
4: Process representation()
6: OK or Precondition Failed
Figure 9.19
An example of an OptLock complex method.
The OptLock complex method does not introduce any new features to HTTP, but
instead introduces new requirements for the handling of GET and PUT requests.
Specifically, the GET request must return an ETag value and the PUT request must
process the If-Match header. Additionally, if the resource has changed, the service
must further guarantee not to carry out the PUT request.
There are several techniques for computing ETags. Some compute a hash value
out of the state information associated with the resource, some simply keep a “last
modified” timestamp for each resource, and others track the version of the resource
state explicitly.
The OptLock method may not scale effectively for high concurrent access to a partic-
ular resource. If consumer update requests are denied with an HTTP 409 Conflict
response code, the OptLock method prescribes how the consumer can recover by
9.2 REST Service Design Guidelines 261
fetching a newer version of the resource over which they have to recompute the
change and retry the Store method. However, this may fail again due to a conflicting
update request. Service consumers that interact with a resource in this way rely on
that particular resource having relatively low rates of write access.
The OptLock complex method becomes available as part of the uniform contract and
is implemented by several services. However, scenarios emerge where multiple con-
sumers attempt to modify the resource at the same time, causing regular exceptions
and failed updates. These situations occur during peak usage times, and because
concurrent usage volume is expected to increase further, it is determined that a more
efficient means of serializing updates to the resource needs to be established.
As shown in Figure 9.20, the WebDAV extensions to HTTP provide locking primi-
tives that can be used within a composition architecture that intentionally breaches
the Stateless {308} constraint. One consumer may lock out others from accessing a
resource, so care must be taken that appropriate access control policies are in place.
Consumers can also fail while the lock is held, which means that locks must be able
to time out independently of the consumers that register them.
This way, the service consumer would be able to lock the resource for as long as it
takes to read the state, modify it, and write it back again. Although other service
consumers would still encounter exceptions while attempting to update the resource
at the same time as the consumer that has locked it, it is deemed preferable to the
unpredictability of managing the resource as part of an optimistic locking model.
This solution is not embraced by all of the MUA architects because retaining the lock
on the resource requires that the Stateless {308} constraint be breached. It could fur-
ther lead to the danger of stale locks starting, impacting performance and scalabil-
ity. In particular, unless proper measures are taken to ensure that only authorized
262 Chapter 9: Service API and Contract Design with REST Services and Microservices
consumers may lock a resource, this exposes the resources to denial of service attacks
by malicious consumers that could lock out all other consumers.
: Consumer : Service
1: Start Request()
2: LOCK(resource)
3: OK(lock resource)
4: PUT(resource, representation)
5: OK
6: DELETE(lock resource)
7: OK
Figure 9.20
An example of a PesLock complex method.
Chapter 10
A fter a service contract is deployed, consumer programs will naturally begin form-
ing dependencies on it. When we are subsequently forced to make changes to the
contract, we need to figure out:
• Whether the changes will negatively impact existing (and potentially future)
servicec onsumers
• How changes that will and will not impact consumers should be implemented
and communicated
These issues result in the need for versioning. Anytime you introduce the concept of
versioning into an SOA project, a number of questions will likely be raised, for example:
• What exactly constitutes a new version of a service contract? What’s the difference
between a major and minor version?
• Will the new version of the contract still work with existing consumers that were
designed for the old contract version?
• Will the current version of the contract work with new consumers that may have
different data exchange requirements?
• What is the best way to add changes to existing contracts while minimizing the
impact on consumers?
• Will we need to host old and new contracts at the same time? If yes, for how long?
We will address these questions and provide a set of options for solving common ver-
sioning problems. The upcoming sections begin by covering some basic concepts, ter-
minology, and strategies specific to service contract versioning.
10.1 Versioning Basics 265
Furthermore, each of these definition documents can be shared by other Web service
contracts. For example,
Of all the different parts of a Web service contract, the part that establishes the fun-
damental technical interface is the abstract description of the WSDL definition. This
represents the core of a Web service contract and is then further extended and detailed
through schema definitions, policy definitions, and one or more concrete WSDL
descriptions.
When we need to create a new version of a Web service contract, we can therefore
assume that there has been a change in the abstract WSDL description or one of the con-
tract documents that relates to the abstract WSDL description. The Web service contract
content commonly subject to change is the XML schema content that provides the types
for the abstract description’s message definitions. Finally, the one other contract-related
266 Chapter 10: Service API and Contract Versioning with Web Services and REST Services
technology that can still impose versioning requirements but is less likely to do so sim-
ply because it is a less common part of Web service contracts is WS-Policy.
• All HTTP methods used in contracts are standard across the architecture.
• XML Schema definitions are standard, as they are wrapped up in general media
types.
• The identifier syntax for lightweight service endpoints (known as resources) are
standard across the architecture.
Changes to the uniform contract facets that underlie each service contract can impact
any REST service in the service inventory.
Example 10.1
A complexType construct containing fine and coarse-grained constraints.
10.2 Versioning and Compatibility 267
As indicated by the bolded text, there are elements with specific names and data types
that represent parts of the message defi nition with a fine level of constraint granularity.
All the message instances (the actual XML documents that will be created based on this
structure) must conform to these constraints to be considered valid (which is why these
are considered the absolute “minimum” constraints).
The italicized text shows the element and attribute wildcards also contained by this
complex type. These represent parts of the message defi nition with an extremely coarse
level of constraint granularity in that messages do not need to comply to these parts of
the message definition at all.
The use of the terms “fine-grained” and “coarse-grained” is highly subjective. What
may be a fine-grained constraint in one contract may not be in another. The point is to
understand how these terms can be applied when comparing parts of a message defi ni-
tion or when comparing different message defi nitions with each other.
This section establishes the fundamental types of compatibility that relate to the content
and design of new contract versions and also tie into the goals and limitations of differ-
ent versioning strategies introduced at the end of this chapter.
Backwards Compatibility
A new version of a service contract that continues to support consumer programs
designed to work with the old version is considered backwards compatible. From a design
perspective, this means that the new contract has not changed in such a way that it can
impact existing consumer programs that are already using the contract.
Example 10.2
The addition of a new operation represents a common backwards-compatible change.
By adding a brand-new operation, we are creating a new version of the contract, but
this change is backwards-compatible and will not impact any existing consumers. The
new service implementation will continue to work with old service consumers because
all the operations that an existing service consumer might invoke are still present and
continue to meet the requirements of the previous service contract version.
As demonstrated in Example 10.3, supporting a new method that existing service con-
sumers don’t use results in a backwards-compatible change. However, in a service
inventory with multiple REST services, we can take steps to ensure that new service
consumers will continue to work with old versions of services.
Service: po.actioncon.com
Capabilities:
POST /orders
In = application/vnd.com.actioncon.po+xml
GET /orders/{order-id}/status
Out = text/plain
PUT /orders/{order-id}
In = application/vnd.com/actioncon.po+xml
DELETE /orders/{order-id}
GET /orders/{order-id}
Out = application/vnd.com.actioncon.po+xml
Example 10.3
The addition of a new resource or new supported method on a resource is a backwards-compatible change for a REST
service.
As shown in Example 10.4, it may be important for service consumers to have a reason-
able way of proceeding with their interaction if the service reports that the new method
is not implemented.
Legal methods for actioncon.com service inventory:
* GET
* PUT
* DELETE
* POST
* SUBSCRIBE (consumers must fall back to periodic GET if service
reports "not implemented")
Example 10.4
New methods added to a service inventory’s uniform contract need to provide a way for service consumers to “fall back” on a
previously used method if they are to truly be backwards-compatible.
An example of a change made to a schema for a message defi nition that is backwards-
compatible is the addition of an optional element (as shown in bolded markup code in
Example 10.5).
Media type = application/vnd.com.actioncon.po+xml
<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema"
targetNamespace="http://actioncon.com/schema/po"
xmlns="http://actioncon.com/schema/po">
<xsd:element name="LineItem" type="LineItemType"/>
<xsd:complexType name="LineItemType">
<xsd:sequence>
<xsd:element name="productID" type="xsd:string"/>
<xsd:element name="productName" type="xsd:string"/>
<xsd:element name="available" type="xsd:boolean"
minOccurs="0"/>
</xsd:sequence>
</xsd:complexType>
</xsd:schema>
Example 10.5
In an XML Schema definition, the addition of an optional element is also considered backwards-compatible.
Here we are using a simplified version of the XML Schema definition for the Purchase
Order service. The optional available element is added to the LineItemType complex
type. This has no impact on existing generators because they are not required to pro-
vide this element in their messages. New processors must be designed to cope without
the new information if they are to remain backwards-compatible.
Changing any of the existing elements in the previous example from required to
optional (by adding the minOccurs="0" setting) would also be considered a back-
wards-compatible change. When we have control over how we choose to design the
next version of a Web service contract, backwards compatibility is generally attainable.
However, mandatory changes (such as those imposed by laws or regulations) can often
force us to break backwards compatibility.
NOTE
Both the Flexible and Loose versioning strategies explained at the end of this chapter
support backwards compatibility.
10.2 Versioning and Compatibility 271
Forwards Compatibility
When a service contract is designed in such a manner so that it can support a range of
future consumer programs, it is considered to have an extent of forwards compatibility.
This means that the contract can essentially accommodate how consumer programs
will evolve over time.
Redirection exception codes help REST services that implement a uniform contract
change the resource identifiers in the contract when required. This is another way in
which service contracts can allow legacy service consumers to continue using the ser-
vice after contract changes have taken place (Example 10.6).
1: SUBSCRIBE http://po.action.com/orders/ORD123()
2: unsupportedMethod
3: GET http://po.action.com/orders/ORD123()
4: 200 OK
Example 10.6
A REST service ensures forwards compatibility by raising an exception whenever it does not understand a reusable contract
or uniform contract method.
For example:
• Any validation that the processor does must not reject a document formatted
according to the new schema.
• All existing information that the processor might need must remain present in
future versions of the schema.
• Any new information added to the schema must be safe for legacy processors to
ignore (if processors must understand the new information, then the change can-
not be forwards compatible).
• The processor must ignore any information that it does not understand.
A common way to ensure validation does not reject future versions of the schema is to
use wildcards in the earlier version. These provide extension points where new infor-
mation can be added in future schema versions, as shown in Example 10.7.
<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema"
targetNamespace="http://actioncon.com/schema/po"
xmlns="http://actioncon.com/schema/po">
<xsd:element name="LineItem" type="LineItemType"/>
<xsd:complexType name="LineItemType">
<xsd:sequence>
<xsd:element name="productID" type="xsd:string"/>
<xsd:element name="productName" type="xsd:string"/>
<xsd:any namespace="##any" processContents="lax"
minOccurs="0" maxOccurs="unbounded"/>
</xsd:sequence>
<xsd:anyAttribute namespace="##any"/>
</xsd:complexType>
</xsd:schema>
Example 10.7
To support forwards compatibility within a message definition generally requires the use of XML Schema wildcards.
In this example, the xsd:any and xsd:anyAttribute elements are added to allow for
a range of unknown elements and data to be accepted by the service contract. In other
words, the schema is being designed in advance to accommodate unforeseen changes
in the future.
It is important to understand that building extension points into service contracts for
forwards compatibility by no means eliminates the need to consider compatibility
issues when making contract changes. New information can only be added to schemas
10.2 Versioning and Compatibility 273
A service with a forwards-compatible contract will often not be able to process all mes-
sage content. Its contract is simply designed to accept a broader range of data unknown
at the time of its design.
NOTE
Forwards compatibility forms the basis of the Loose versioning strategy that is explained
shortly.
Compatible Changes
When we make a change to a service contract that does not negatively affect existing
consumers, then the change itself is considered a compatible change.
NOTE
In this book, the term “compatible change” refers to backwards compatibility by default.
When used in reference to forwards compatibility, it is further qualified as a forwards-
compatible change.
</xsd:sequence>
</xsd:complexType>
</xsd:schema>
Example 10.8
The default value of the minOccurs attribute is “1”. Therefore because this attribute was previously absent from the
productName element declaration, it was considered a required element. Adding the minOccurs="0" setting turns
it into an optional element, resulting in a compatible change. (Note that making this change to a message output from the
service would be an incompatible change.)
This type of change will not impact existing consumer programs that are used to send-
ing the element value to the Web service, nor will it affect future consumer programs
that can be designed to optionally send that element.
Another example of a compatible change was provided earlier in Example 10.3, when
we first added the optional available element declaration. Even though we extended
the type with a whole new element, because it is optional it is considered a compatible
change.
• Changing the identifiers for a set of REST resources (including splitting and merg-
ing of services) using redirection response codes to facilitate migration of REST
service consumers to the new identifiers
• Adding a new WSDL port type definition and associated operation definitions
• Adding a new uniform contract method when an exception response exists for
services that do not understand the method to use (and consumers can recover
from this exception)
10.2 Versioning and Compatibility 275
Incompatible Changes
If after a change a contract is no longer compatible with consumers, then it is considered
to have received an incompatible change. These are the types of changes that can break an
existing contract and therefore impose the most challenges when it comes to versioning.
NOTE
The term “incompatible change” also indicates backwards compatibility by default. Incom-
patible changes that affect forwards compatibility will be qualified as “forwards-incompatible
changes.”
Going back to our example, if we set an element’s minOccurs attribute from “0” to any
number above zero, then we are introducing an incompatible change for input mes-
sages, as shown in Example 10.9:
<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema"
targetNamespace="http://actioncon.com/schema/po"
xmlns="http://actioncon.com/schema/po">
<xsd:element name="LineItem" type="LineItemType"/>
<xsd:complexType name="LineItemType">
<xsd:sequence>
<xsd:element name="productID" type="xsd:string"/>
<xsd:element name="productName" type="xsd:string"
minOccurs="3"/>
<xsd:element name="available" type="xsd:boolean"
minOccurs="3"/>
</xsd:sequence>
</xsd:complexType>
</xsd:schema>
Example 10.9
Incrementing the minOccurs attribute value of any established element declaration is automatically an incompatible
change.
276 Chapter 10: Service API and Contract Versioning with Web Services and REST Services
What was formerly an optional element is now required. This will certainly affect exist-
ing consumers that are not designed to comply with this new constraint, because add-
ing a new required element introduces a mandatory constraint upon the contract.
• The uniform contract media types are shared by both services and service
consumers.
10.3 REST Service Compatibility Considerations 277
SOA PATTERNS
Service contracts that make use of the Schema Centralization [356] pattern with-
out necessarily being REST-compliant will often need to impose a similarly rigid
view of forwards compatibility and backwards compatibility.
Uniform contract methods codify the kinds of interactions that can occur between ser-
vices and their consumers. For example, GET codifies “fetch some data,” while PUT
codifies “store some data.”
Because the kinds of interactions that occur between REST services within the same
service inventory tend to be relatively limited and stable, methods will usually change
at a low rate compared to media types or resources. Compatibility issues usually per-
tain to a set of allowable methods that are only changed after careful case-by-case
consideration.
Uniform contract media types further codify the kinds of information that can be
exchanged between REST services and consumers. As previously stated, media types
tend to change at a faster rate than HTTP methods in the uniform contract; however,
media types still change more slowly than resources. Compatible change is more of a
278 Chapter 10: Service API and Contract Versioning with Web Services and REST Services
live concern for the media types, and we can draw some more general rules about how
to deal with them.
For example, if the generator of a message indicates to a processor of the message that
it conforms to a particular media type, the processor generally does not need to know
which version of the schema was used, nor does the processor need to have been built
against the same version of the schema. The processor expects that all versions of the
schema for a particular media type will be both forwards compatible and backwards-
compatible with the type it was developed to support. Likewise, the generator expects
that when it produces a message conformant with a particular schema version, that all
processors of the message will understand it.
When incompatible changes are made to a schema, a new media type identifier is gener-
ally required to ensure that:
• The processor can decide how to parse a document based on the media type
identifier
• Services and consumers are able to negotiate for a specific media type that will be
understood by the processor when the message has been produced
NOTE
One way to better understand versioning issues that pertain to media types is to look at how
they are used in HTML. An example of a compatible change to HTML that did not result in
the need for a new media type was the addition of the abbr element to version 4.0 of the
HTML language. This element allows new processors of HTML documents to support a
mouse-over to expand abbreviations on a web page and to better support accessibility of
the page. Legacy processors safely ignore the expansion, but will continue correctly show-
ing the abbreviation itself.
An example of an incompatible change to HTML that did require a new media type was
the conversion of HTML 4.0 to XML (resulting in version 1.0 of XHTML). The media type
for the traditional SGML version remained text/html, while the XML version became
application/xhtml+xml. This allowed content negotiation to occur between the two
10.4 Version Identifiers 279
types, and for processors to choose the correct parser and validation strategy based on
which type was specified by the service.
Some incompatible changes have also been made to HTML without changing the media
type. HTML 4.0 deprecated APPLET, BASEFONT, CENTER, DIR, FONT, ISINDEX, MENU,
S, STRIKE, and U elements in favor of newer elements. These elements must continue
to be understood but their use in HTML documents is being phased out. HTML 4.0 made
LISTING, PLAINTEXT, and XMP obsolete. These elements should not be used in HTML 4.0
documents and no longer need to be understood.
Deprecating elements over a long period of time and eventually identifying them as obso-
lete once they are no longer used by existing services or consumers is a technique that can
be used for REST media types to incrementally update a schema without having to change
the media type.
Versions are almost always communicated with version numbers. The most common
format is a decimal, followed by a period and then another decimal, as shown here:
version="2.0"
Sometimes, you will see additional period plus decimal pairs that lead to more detailed
version numbers like this:
version="2.0.1.1"
The typical meaning associated with these numbers is the measure or significance of
the change. Incrementing the first decimal generally indicates a major version change
(or upgrade) in the software, whereas decimals after the first period usually represent
various levels of minor version changes.
280 Chapter 10: Service API and Contract Versioning with Web Services and REST Services
NOTE
A third “patch” version number is also sometimes used to express changes that are both
forwards-compatible and backwards-compatible. Typically these versions are intended to
clarify the schema only, or to fix problems with the schema that were discovered after it was
deployed. For example, version 5.2.1 is expected to be fully compatible with version 5.2.0,
but may be added for clarification purposes.
This convention of indicating compatibility through major and minor version numbers
is referred to as the compatibility guarantee. Another approach, known as “amount of
work,” uses version numbers to communicate the effort that has gone into the change. A
minor version increase indicates a modest effort, and a major version increase predict-
ably represents a lot of work.
These two conventions can be combined and often are. The result is often that version
numbers continue to communicate compatibility as explained earlier, but they some-
times increment by several digits, depending on the amount of effort that went into
each version.
There are various syntax options available to express version numbers. For example,
you may have noticed that the declaration statement that begins an XML document can
contain a number that expresses the version of the XML specification being used:
<?xml version="1.0"?>
That same version attribute can be used with the root xsd:schema element, as follows:
You can further create a custom variation of this attribute by assigning it to any element
you define (in which case you are not required to name the attribute “version”).
<LineItem version="2.0">
An alternative custom approach is to embed the major version number into a namespace
or media type identifier, as shown here:
<LineItem xmlns="http://actioncon.com/schema/po/v2">
or
application/vnd.com.actioncon.po.v2+xml
Note that it has become a common convention to use date values in namespaces when
versioning XML schemas, as follows:
<LineItem xmlns="http://actioncon.com/schema/po/2010/09">
In this case, it is the date of the change that acts as the major version identifier. To keep
the expression of XML Schema definition versions in alignment with WSDL definition
versions, we use version numbers instead of date values in upcoming examples. How-
ever, when working in an environment where XML Schema definitions are separately
owned as part of an independent data architecture, it is not uncommon for schema ver-
sioning identifiers to be different from those used by WSDL defi nitions.
Regardless of which option you choose, it is important to consider the Canonical Ver-
sioning pattern that dictates that the expression of version information must be stan-
dardized across all service contracts within the boundary of a service inventory. In
larger environments, this will often require a central authority that can guarantee the
linearity, consistency, and description quality of version information. These types of
conventions carry over into how service termination information is expressed, as fur-
ther explored in Chapter 23 in Web Service Contract Design and Versioning for SOA.
SOA PATTERNS
Of course you may also be required to work with third-party schemas and WSDL
definitions that may already have implemented their own versioning conven-
tions. In this case, the extent to which the Canonical Versioning [327] pattern can
be applied will be limited.
282 Chapter 10: Service API and Contract Versioning with Web Services and REST Services
Even though there is no de facto versioning technique for the WSDL, XML Schema,
and WS-Policy content that comprises Web service contracts, a number of common
and advocated versioning approaches have emerged, each with its own benefits and
tradeoffs.
• Flexible – Any incompatible change results in a new version of the service contract
and the contract is designed to support backwards compatibility but not forwards
compatibility.
• Loose – Any incompatible change results in a new version of the service contract
and the contract is designed to support backwards compatibility and forwards
compatibility.
This “super-strict” approach is not really that practical, but it is the safest and sometimes
warranted when there are legal implications to Web service contract modifications, such
as when contracts are published for certain interorganization data exchanges. Because
both compatible and incompatible changes will result in a new contract version, this
approach supports neither backwards nor forwards compatibility.
On the downside, by forcing a new namespace upon the contract with each change, you
are guaranteeing that all existing service consumers will no longer be compatible with
any new version of the contract. Consumers will only be able to continue communicat-
ing with the Web service while the old contract remains available alongside the new
version or until the consumers themselves are updated to conform to the new contract.
Therefore, this approach will increase the governance burden of individual services
and will require careful transitioning strategies. Having two or more versions of the
same service co-exist at the same time can become a common requirement for which the
supporting service inventory infrastructure needs to be prepared.
This means that any backwards-compatible change is considered safe in that it ends up
extending or augmenting an established contract without affecting any of the service’s
existing consumers. A common example of this is adding a new operation to a WSDL
definition or adding an optional element declaration to a message’s schema definition.
As with the Strict strategy, any change that breaks the existing contract does result in a
new contract version, usually implemented by changing the target namespace value of
the WSDL definition and potentially also the XML Schema defi nition.
284 Chapter 10: Service API and Contract Versioning with Web Services and REST Services
• The anyType attribute value provided by the WSDL 2.0 language allows a message
to consist of any valid XML document.
These and other features related to forwards compatibility are discussed in Web Service
Contract Design and Versioning for SOA.
Strategy Summary
Provided in Table 10.1 is a broad summary of how the three strategies compare based
on three fundamental characteristics.
Strategy
Table 10.1
A general comparison of the three versioning strategies.
The three characteristics used in this table to form the basis of this comparison are as
follows:
• Strictness – The rigidity of the contract versioning options. The Strict approach
clearly is the most rigid in its versioning rules, while the Loose strategy provides
the broadest range of versioning options due to its reliance on wildcards.
• Complexity – The overall complexity of the versioning process. Due to the use of
wildcards and unknown message data, the Loose strategy has the highest com-
plexity potential, while the straightforward rules that form the basis of the Strict
approach make it the simplest option.
Throughout this comparison, the Flexible strategy provides an approach that represents
a consistently average level of strictness, governance effort, and overall complexity.
286 Chapter 10: Service API and Contract Versioning with Web Services and REST Services
• The version number or specification of the resource identifier syntax (as per the
“Request for Comments 6986 - Uniform Resource Identifier (URI): Generic Syntax”
specification)
• The specification of the collection of legal methods, status codes, and other interac-
tion protocol details (as per the “Request for Comments 2616 - Hypertext Transfer
Protocol - HTTP/1.1” specification)
• Individual specifications for legal media types (for example. HTML 4.01 and the
“Request for Comments 4287 - The Atom Syndication Format” specification)
• Individual specifications for service contracts that use the legal resource identifier
syntax, methods, and media types
Each part of the uniform contract is specified and versioned independently of the
others. Changing any one specification does not generally require another specifica-
tion to be updated or versioned. Likewise, changing any of the uniform contract facet
specifications does not require changes to individual service contracts, or changes to
their version numbers.
This last point is in contradiction to some conventional versioning strategies. One might
expect that if a schema used in a service contract changed, then the service contract
would need to be modified. However, with REST services there is a tendency to main-
tain both forwards compatibility and backwards compatibility. If a REST service con-
sumer sends a message that conforms to a newer schema, the service can process it as
if it conformed to the older schema. If compatibility between these schemas has been
maintained, then the service will function correctly. Likewise, if the service returns a
message to the consumer that conforms to an old schema, the newer service consumer
can still process the message correctly.
REST service contracts only need to directly consider the versioning of the uniform
contract when media types used become deprecated, or when the schema advances so
far that elements and attributes the service depends on are on their way to becoming
obsolete. When this occurs, the service contract needs to be updated, and with it, the
underlying service logic that processes the media types.
Part III
Appendices
Service-Orientation Principles
Reference
T his appendix provides profile tables for the service-orientation principles refer-
enced throughout this book. As explained in Chapter 1, each principle reference is
suffixed with the page number of its corresponding profile table in this appendix.
• Long Definition – A longer description of the principle that provides more detail as
to what it is intended to accomplish.
• Goals – A list of specific design goals that are expected from the application of
the principle. Essentially, this list provides the ultimate results of the principle’s
realization.
Note that these profile tables provide only summarized versions of the principles. Com-
plete coverage of the eight service-orientation design principles, including case studies,
is provided in the SOA Principles of Service Design book.
For more information about this and other titles in the Prentice Hall Service Technology
Series from Thomas Erl, visit www.servicetechbooks.com. Summarized content of topics
related to service-orientation can also be found online at www.serviceorientation.com.
Standardized Service Contract 291
Long Definition “Services within the same service inventory are in compliance with the
same contract design standards.”
Table A.1
A profile for the Standardized Service Contract principle
Service Loose Coupling 293
Long Definition “Service contracts impose low consumer coupling requirements and are
themselves decoupled from their surrounding environment.”
Table A.2
A profile for the Service Loose Coupling principle
294 Appendix A: Service-Orientation Principles Reference
Service Abstraction
Long Definition “Service contracts only contain essential information and information
about services is limited to what is published in service contracts.”
Goals Many of the other principles emphasize the need to publish more
information in the service contract. The primary role of this prin-
ciple is to keep the quantity and detail of contract content concise
and balanced and prevent unnecessary access to additional
service details.
Table A.3
A profile for the Service Abstraction principle
Service Reusability 295
Service Reusability
Long Definition “Services contain and express agnostic logic and can be positioned
as reusable enterprise resources.”
Goals The goals behind Service Reusability are tied directly to some
of the most strategic objectives of service-oriented computing:
• To allow for service logic to be repeatedly leveraged over
time so as to achieve an increasingly high return on the
initial investment of delivering the service.
• To increase business agility on an organizational level by
enabling the rapid fulfillment of future business automa-
tion requirements through wide-scale service composition.
• To enable the realization of agnostic service models.
• To enable the creation of service inventories with a high
percentage of agnostic services.
Table A.4
A profile for the Service Reusability principle
Service Autonomy 297
Service Autonomy
Long Definition “Services exercise a high level of control over their underlying runtime
execution environment.”
Implementation • A high level of control over how service logic is designed and
Requirements developed. Depending on the level of autonomy being sought,
this may also involve control over the supporting data models.
• A distributable deployment environment, so as to allow the
service to be moved, isolated, or composed as required.
• An infrastructure capable of supporting desired
autonomy levels.
Table A.5
A profile for the Service Autonomy principle
298 Appendix A: Service-Orientation Principles Reference
Service Statelessness
Table A.6
A profile for the Service Statelessness principle
300 Appendix A: Service-Orientation Principles Reference
Service Discoverability
Table A.7
A profile for the Service Discoverability principle
302 Appendix A: Service-Orientation Principles Reference
Service Composability
Long Definition “Services are effective composition participants, regardless of the size
and complexity of the composition.”
Table A.8
A profile for the Service Composability principle
This page intentionally left blank
Appendix B
• Long Definition – A longer description of the constraint that provides more detail
as to what it is intended to accomplish.
• Application – A list of common steps and requirements for applying the constraint.
• Impacts – A list of positive and negative impacts that can result from the applica-
tion of the constraint.
• Relationship to REST – A brief explanation of how the constraint can relate to other
constraints and overall REST architecture.
• Related REST Goals – A list of REST design goals that are related to and relevant to
the application of this constraint.
• Related SOA Patterns – A list of SOA design patterns related to the constraint.
Note that these profile tables provide only summarized versions of the constraints.
Complete coverage of the REST constraints, including case studies, is provided in the
SOA with REST: Principles, Patterns & Constraints for Building Enterprise Solutions with
REST book.
For more information about this and other titles in the Prentice Hall Service Technology
Series from Thomas Erl, visit www.servicetechbooks.com. Summarized content of REST-
related topics can also be found online at www.whatisrest.com.
Client-Server 307
Client-Server
Short Definition “Solution logic is separated into consumer and service logic that share a
technical contract.”
Impacts • Service logic can become more scalable and reusable because it
is freed from having to implement consumer-specific logic.
• Service and consumer logic are simplified due to respective
information hiding.
• Service and consumer implementations can be evolved
independently in ways that do not require alterations to the
shared contract.
• Interactions between services and consumers that circumvent
the shared technical contract are prohibited, potentially
resulting in lost opportunities to optimize the solution
architecture.
Stateless
Cache
Short Definition “Service consumers can cache and reuse response message data.”
Long Definition “The data provided by a prior response message can be temporarily
stored and reused by the service consumer for later request messages.”
Related n/a
Service-Orientation
Principles
Uniform Contract
Short Definition “Service consumers and services share a common, overarching, generic
technical contract.”
Long Definition “Consumers access service capabilities via methods, media types, and
a common resource identifier syntax that are standardized across many
consumers and services. Service capabilities provide access to resources
that can further provide links to other resources.”
Layered System
Code-on-Demand
Short Definition “Service consumers support the execution of deferred service logic.”
Relationship to n/a
REST
Related n/a
Service-Orientation
Principles
The notion of a pattern is already a fundamental part of everyday life. Without acknowl-
edging it each time, we naturally use proven solutions to solve common problems each
day. Patterns in the IT world that revolve around the design of automated systems are
referred to as design patterns.
• Can be used to ensure consistency in how systems are designed and built
• Are usually flexible and optional (and openly document the impacts of their appli-
cation and even suggest alternative approaches)
• Can be supported via the application of other design patterns that are part of the
same collection
Furthermore, because the solutions provided by design patterns are proven, their con-
sistent application tends to naturally improve the quality of system designs.
Problem: How can users be limited to entering the value of a form field to a set of predefined
values?
Solution: Use a drop-down list populated with the predefined values as the input field.
What this example also highlights is the fact that the solution provided by a given pat-
tern may not necessarily represent the only suitable solution for that problem. In fact,
there can be multiple patterns that provide alternative solutions for the same problem.
Each solution will have its own requirements and consequences, and it is up to the prac-
titioner to determine which pattern is most appropriate.
In the previous example, a different solution to the stated problem would be to use a
list box instead of a drop-down list. This alternative would form the basis of a sepa-
rate design pattern description. The user-interface designer can study and compare
both patterns to learn about the benefits and trade-offs of each. A drop-down list, for
instance, takes up less space than a list box but requires that a user always perform a
separate action to access the list. Because a list box can display more field lines at the
same time, the user may have an easier time locating the desired value.
NOTE
Even though design patterns provide proven design solutions, their mere use cannot
guarantee that design problems are always solved as required. Many factors weigh in to the
ultimate success of using a design pattern, including constraints imposed by the imple-
mentation environment, competency of the practitioners, diverging business requirements,
and so on. All of these represent aspects that affect the extent to which a pattern can be
successfully applied.
320 Appendix C: SOA Design Patterns Reference
Some pattern languages are open-ended, allowing patterns to be combined into a vari-
ety of pattern sequences, while others are more structured whereby groups of patterns
are presented in a suggested application order. This order is generally based on the
granularity of the patterns, in that coarser-grained patterns are applied prior to finer-
grained patterns that then build upon or extend the foundation established by the
coarse-grained patterns. In these types of pattern languages, the manner in which pat-
terns can be organized into pattern sequences is limited to how they are applied within
the groups.
• Ensure consistency in how particular design goals are achieved (because by carry-
ing out sets of interdependent patterns in a proven order, the quality of the results
can be more easily guaranteed)
• Are effective learning tools that can provide insight into how and why a particular
method or technique should be applied as well as the effects of its application
• Are flexible in that the ultimate pattern application sequence is up to the practitio-
ner (and also because the application of any pattern within the overall language
can be optional)
The SOA Design Patterns book provides an open-ended, master pattern language for
SOA. The extent to which different patterns are related can vary, but overall they share
a common objective, and endless pattern sequences can be explored.
Pattern Profiles 321
Pattern Profiles
Every profile table contains the following parts:
• Problem – The issue causing a problem and the effects of the problem. It is this
problem for which the pattern is expected to provide a solution.
• Solution – This represents the design solution proposed by the pattern to solve the
problem and fulfill the requirement.
• Application – This part is dedicated to describing how the pattern can be applied. It
can include guidelines, implementation details, and sometimes even a suggested
process.
Note that these profile tables provide only summarized versions of the patterns.
Complete coverage of SOA design patterns, including case studies, is provided in the
SOA Design Patterns book.
For more information about this and other titles in the Prentice Hall Service Technology
Series from Thomas Erl, visit www.servicetechbooks.com. Summarized versions of all
SOA pattern profiles can be found online at www.soapatterns.org.
322 Appendix C: SOA Design Patterns Reference
Agnostic Capability
By Thomas Erl
Application Service capabilities are defined and iteratively refi ned through
proven analysis and modeling processes.
Architecture Service
Agnostic Context 323
Agnostic Context
By Thomas Erl
Solution Isolate logic that is not specific to one purpose into separate services
with distinct agnostic contexts.
Architecture Service
324 Appendix C: SOA Design Patterns Reference
Problem When runtime activities that span multiple services fail, the
parent business task is incomplete and actions performed and
changes made up to that point may compromise the integrity of the
underlying solution and architecture.
Canonical Expression
By Thomas Erl
Canonical Schema
By Thomas Erl
Solution Data models for common information sets are standardized across
service contracts within an inventory boundary.
Canonical Versioning
By Thomas Erl
Problem Service contracts within the same service inventory that are
versioned differently will cause numerous interoperability and
governance problems.
Capability Composition
By Thomas Erl
Principles All
Capability Recomposition
By Thomas Erl
How can the same capability be used to help solve multiple problems?
Principles All
Impacts Unlike atomic transactions that are governed by specific rules, the
use of compensation logic is open-ended and can vary in its actual
effectiveness.
Composition Autonomy
By Thomas Erl
Architecture Composition
332 Appendix C: SOA Design Patterns Reference
Concurrent Contracts
By Thomas Erl
Solution Multiple contracts can be created for a single service, each targeted
at a specific type of consumer.
Application This pattern is ideally applied together with Service Façade [360] to
support new contracts as required.
Impacts Each new contract can effectively add a new service endpoint to an
inventory, thereby increasing corresponding governance effort.
Architecture Service
Containerization 333
Containerization
By Roger Stoffers
Content Negotiation
By Raj Balasubramanian, David Booth, Thomas Erl
Application The pattern is most commonly applied via HTTP media types that
can define the format and/or representation of message data. The
media type of the data is decoupled from the data itself, allowing
the service to support a range of media types.
The consumer provides metadata in each request message to
identify preferred and supported media types. The service attempts
to accommodate preferences, but can also return the data in other
supported media types when issuing the response message.
Contract Denormalization
By Thomas Erl
Architecture Service
336 Appendix C: SOA Design Patterns Reference
Decoupled Contract
By Thomas Erl
Architecture Service
338 Appendix C: SOA Design Patterns Reference
Domain Inventory
By Thomas Erl
Dual Protocols
By Thomas Erl
Problem Canonical Protocol requires that all services conform to the use of
the same communications technology; however, a single protocol
may not be able to accommodate all service requirements, thereby
introducing limitations.
Application Primary and secondary service levels are created and collectively
represent the service endpoint layer. All services are subject to
standard service-orientation design considerations and specific
guidelines are followed to minimize the impact of not following
Canonical Protocol.
Enterprise Inventory
By Thomas Erl
Solution Services for multiple solutions can be designed for delivery within a
standardized, enterprise-wide inventory architecture wherein they
can be freely and repeatedly recomposed.
Entity Abstraction
By Thomas Erl
Application Entity service contexts are derived from business entity models and
then establish a logical layer that is modeled during the analysis
phase.
Entity Linking
By Raj Balasubramanian, David Booth, Thomas Erl
Problem Business entities have natural relationships, yet entity services are
commonly designed autonomously with no indication of these
relationships. Service consumers acting as composition controllers
are commonly required to have entity linking logic hard-coded in
order to work with entity relationships. This limits the composition
controller to any additional links that may become relevant and
further adds a governance burden to ensure that hard-coded entity
linking logic is kept in synch with the business.
Application Links are included in relevant response messages from the service.
Service consumers are able to navigate from entity to entity by
following these links, and accumulate further business knowledge
along the way. This allows service consumers with little up-front
entity linking logic to correctly compose entity services based on
their relationships.
Event-Driven Messaging
By Mark Little, Thomas Rischbeck, Arnaud Simon
Functional Decomposition
By Thomas Erl
Solution The large business problem can be broken down into a set of
smaller, related problems, allowing the required solution logic to
also be decomposed into a corresponding set of smaller, related
solution logic units.
Principles n/a
Architecture Service
Idempotent Capability 345
Idempotent Capability
By Cesare Pautasso, Herbjörn Wilhelmsen
Problem Network and server hardware failure can lead to lost messages,
resulting in cases where a service consumer receives no response
to its request. Attempts to reissue the request message can lead to
unpredictable or undesirable behavior when the service capability
inadvertently receives multiple copies of the same request message.
Solution Design service capabilities with idempotent logic that enables them
to safely accept repeated message exchanges.
Inventory Endpoint
By Thomas Erl
Solution Abstract the relevant capabilities into an endpoint service that acts
as a the official inventory entry point dedicated to a specific set of
external consumers.
Application The endpoint service can expose a contract with the same
capabilities as its underlying services, but augmented with policies
or other characteristics to accommodate external consumer
interaction requirements.
Architecture Inventory
Legacy Wrapper 347
Legacy Wrapper
By Thomas Erl, Satadru Roy
Architecture Service
348 Appendix C: SOA Design Patterns Reference
Logic Centralization
By Thomas Erl
Microservice Deployment
By Paulo Merson
NOTE
“Microservice” is an industry term that can be used for services that comply to the micro-
service model and to which service-orientation has been applied (and are therefore part of
an SOA environment), as well as for services that are not part of an SOA environment. As
part of the SOA patterns catalog, the Microservice Deployment pattern is authored solely for
services that are part of an SOA environment and, most commonly, to which the Micro Task
Abstraction [350] pattern has been applied.
350 Appendix C: SOA Design Patterns Reference
Non-Agnostic Context
By Thomas Erl
Impacts Although they are not expected to provide reuse potential, non-
agnostic services are still subject to the rigor of service-orientation.
Architecture Service
352 Appendix C: SOA Design Patterns Reference
Solution Even when services are required to remain stateful, a subset of their
state data can be temporarily deferred.
Impacts Partial state management deferral can add to design complexity and
bind a service to the architecture.
Process Abstraction
By Thomas Erl
Application Business process logic is typically fi ltered out after utility and
entity services have been defined, allowing for the definition of task
services that comprise this layer.
Redundant Implementation
By Thomas Erl
Architecture Service
Reusable Contract 355
Reusable Contract
By Raj Balasubramanian, Benjamin Carlyle, Thomas Erl, Cesare Pautasso
Solution Limit tight coupling to a common, reusable technical contract that is shared
by multiple services. The technical contract provides only generic, high-level
functions that are less likely to be impacted when service logic changes.
Application A reusable service contract can provide abstract and agnostic data exchange
methods, none of which are related to a specific business function. Methods
within a reusable contract are typically focused on types of data rather than
on the business context of the data.
The set of methods of the reusable contract is complemented by service-
specific resource identifiers and media types to apply the context established
by reusable methods to individual service capabilities.
HTTP provides a reusable contract via generic methods, such as GET, PUT,
and DELETE, that allow consumer programs to access Web-based resources
by further providing resource identifiers. The combination of the resource
identifier and the HTTP method and media type can comprise a service-
specific capability.
A reusable contract can also be created using a centralized WSDL definition,
as long as the operations defi ned are sufficiently generic.
Impacts Sharing the same contract across services increases the importance of getting
the contract right, both initially, and over the contract’s lifetime.
The reusable contract may still need to change if new services with new high-
level functional requirements are introduced into the service inventory.
The reusable contract can lack sufficient metadata to effectively enable a
service to be discovered. Service-specific metadata may need to be maintained
separately from the reusable contract definition to ensure that service
consumers are able to select the correct service capability with which to
interact.
Principles Standardized Service Contract (291), Service Loose Coupling (293), Service
Abstraction (294), Service Discoverability (300), Service Composability (302)
Schema Centralization
By Thomas Erl
Solution Select schemas that exist as physically separate parts of the service
contract are shared across multiple contracts.
Service Agent
By Thomas Erl
Solution Services can have their own dedicated databases with replication to
shared data sources.
Application An additional database needs to be provided for the service and one
or more replication channels need to be enabled between it and the
shared data sources.
Service Encapsulation
By Thomas Erl
Principles n/a
Architecture Service
360 Appendix C: SOA Design Patterns Reference
Service Façade
By Thomas Erl
Impacts The addition of the façade component introduces design effort and
performance overhead.
Architecture Service
Service Normalization 361
Service Normalization
By Thomas Erl
State Messaging
By Anish Karmarkar
Impacts This pattern may not be suitable for all forms of state data, and
should messages be lost, any state information they carried may be
lost as well.
State Repository
By Thomas Erl
Problem Large amounts of state data cached to support the activity within
a running service composition can consume too much memory,
especially for long-running activities, thereby decreasing scalability.
Solution State data can be temporarily written to and then later retrieved
from a dedicated state repository.
Impacts The addition of required write and read functionality increases the
service design complexity and can negatively affect performance.
Utility Abstraction
By Thomas Erl
Application The utility service model is incorporated into analysis and design
processes in support of utility logic abstraction, and further steps
are taken to define balanced service contexts.
Validation Abstraction
By Thomas Erl
Solution Granular validation logic and rules can be abstracted away from
the service contract, thereby decreasing constraint granularity and
increasing the contract’s potential longevity.
Impacts This pattern can somewhat decentralize validation logic and can
also complicate schema standardization.
Architecture Service
366 Appendix C: SOA Design Patterns Reference
Version Identification
By David Orchard, Chris Riley
Architecture Service
Appendix D
This appendix first presents the SOA Manifesto and then breaks it down to elaborate
on the meanings and implications of its individual statements. In addition to fostering
a deeper understanding of service-orientation, this exploration of values and priorities
can help determine their compatibility with an organization’s own values, priorities,
and goals.
Service orientation is a paradigm that frames what you do. Service-oriented architecture (SOA)
is a type of architecture that results from applying service orientation.
We have been applying service orientation to help organizations consistently deliver sustain-
able business value, with increased agility and cost effectiveness, in line with changing business
needs.
That is, while we value the items on the right, we value the items on the left more.
The SOA Manifesto Explored 369
Guiding Principles
• The scope of SOA adoption can vary. Keep efforts manageable and within meaningful
boundaries.
• Products and standards alone will neither give you SOA nor apply the service orientation
paradigm for you.
• Establish a uniform set of enterprise standards and policies based on industry, de facto,
and community standards.
• Maximize service usage by considering the current and future scope of utilization.
• Reduce implicit dependencies and publish all external dependencies to increase robustness
and reduce the impact of change.
• At every level of abstraction, organize each service around a cohesive and manageable unit
of functionality.
Preamble
Service orientation is a paradigm that frames what you do. Service-oriented architecture (SOA)
is a type of architecture that results from applying service orientation.
From the beginning it was understood that this was to be a manifesto about two dis-
tinct yet closely related topics: the service-oriented architectural model and service ori-
entation, the paradigm through which the architecture is defined. The format of this
manifesto was modeled after the Agile Manifesto, which limits content to concise state-
ments that express ambitions, values, and guiding principles for realizing those ambi-
tions and values. Such a manifesto is not a specification, a reference model, or even a
white paper, and without an option to provide actual definitions, we decided to add this
preamble in order to clarify how and why these terms are referenced in other parts of
the manifesto document.
The service orientation paradigm is best viewed as a method or an approach for real-
izing a specific target state that is further defined by a set of strategic goals and ben-
efits. When we apply service orientation, we shape software programs and technology
architecture in support of realizing this target state. This is what qualifies technology
architecture as being service-oriented.
…to help organizations consistently deliver sustainable business value, with increased agility
and cost effectiveness…
This continuation of the preamble highlights some of the most prominent and com-
monly expected strategic benefits of service-oriented computing. Understanding these
benefits helps shed some light on the aforementioned target state we intend to realize as
a result of applying service-orientation.
These last six words of the preamble are key to understanding the underlying phi-
losophy of service-oriented computing. The need to accommodate business change on
an ongoing basis is foundational to service-orientation and considered a fundamental
overarching strategic goal.
Priorities
The upcoming statements establish a core set of values, each of which is expressed as a
prioritization over something that is also considered of value. The intent of this value
system is to address the hard choices that need to be made on a regular basis in order
for the strategic goals and benefits of service-oriented computing to be consistently
realized.
This priority can have a profound ripple effect within the regions of an IT enterprise. It
introduces changes to just about all parts of IT delivery lifecycles, from how we plan for
and fund automation solutions to how we build and govern them. All other values and
principles in the manifesto, in one way or another, support the realization of this value.
372 Appendix D: The Annotated SOA Manifesto
For software programs to share data they need to be interoperable. If software pro-
grams are not designed to be compatible, they will likely not be interoperable. To enable
interoperability between incompatible software programs requires that they be inte-
grated. Integration is therefore the effort required to achieve interoperability between
disparate software programs.
Services are equipped with concrete characteristics (such as those that enable intrinsic
interoperability) that directly support the previously described target state. One of these
characteristics, fostered specifically by the application of the Service Reusability (295)
principle, is the encapsulation of multi-purpose logic that can be shared and reused in
support of the automation of different business processes.
A shared service establishes itself as an IT asset that can provide repeated business
value while decreasing the expense and effort to deliver new automation solutions.
While there is value in traditional, single-purpose applications that solve tactical busi-
ness requirements, the use of shared services provides greater value in realizing the
strategic goals of service-oriented computing (which again includes an increase in cost-
effectiveness and agility).
This is perhaps the broadest of the value prioritization statements and is best viewed as
a guiding philosophy for how to better prioritize various considerations when deliver-
ing and evolving individual services and inventories of services.
For example, the characteristic of flexibility goes beyond the ability for services to effec-
tively (and intrinsically) share data. To be truly responsive to ever-changing business
requirements, services must also be flexible in how they can be combined and aggre-
gated into composite solutions. Unlike traditional distributed applications that often
were relatively static despite the fact that they were componentized, service compo-
sitions need be designed with a level of inherent flexibility that allows for constant
augmentation. This means that when an existing business process changes or when
a new business process is introduced, we need to be able to add, remove, and extend
services within the composition architecture with minimal (integration) effort. This is
why Service Composability (302) is one of the key service-orientation design principles.
374 Appendix D: The Annotated SOA Manifesto
There is a common point of confusion when it comes to the term “agility” in relation
to service-orientation. Some design approaches advocate the rapid delivery of software
programs for immediate gains. This can be considered “tactical agility,” as the focus is
on tactical, short-term benefit. Service-orientation advocates the attainment of agility on
an organizational or business level with the intention of empowering the organization,
as a whole, to be responsive to change. This form of organizational agility can also be
referred to as “strategic agility” because the emphasis is on longevity in that, with every
software program we deliver, we want to work toward a target state that fosters agility
with long-term strategic value.
For an IT enterprise to enable organizational agility, it must evolve in tandem with the
business. We generally cannot predict how a business will need to evolve over time and
therefore we cannot initially build the perfect services. At the same time, there is usually
a wealth of knowledge already present within an organization’s existing business intel-
ligence that can be harvested during the analysis and modeling stages of SOA projects.
That is, while we value the items on the right, we value the items on the left more.
By studying how these values are prioritized, we gain insight into what distinguishes
service-orientation from other design approaches and paradigms. In addition to estab-
lishing fundamental criteria that we can use to determine how compatible service-
orientation is for a given organization, it can further help determine the extent to which
service-orientation can or should be adopted.
An appreciation of the core values can also help us understand how challenging it may
be to successfully carry out SOA projects within certain environments. For example,
several of these prioritizations may clash head-on with established beliefs and prefer-
ences. In such a case, the benefits of service-orientation need to be weighed against
the effort and impact their adoption may have (not just on technology, but also on the
organization and IT culture).
The upcoming guiding principles were provided to help address many of these types
of challenges.
The SOA Manifesto Explored 375
Guiding Principles
So far, the manifesto has established an overall vision as well as a set of core values asso-
ciated with the vision. The remainder of the declaration is comprised of a set of prin-
ciples that are provided as guidance for adhering to the values and realizing the vision.
It’s important to keep in mind that these are guiding principles that were authored spe-
cifically in support of this manifesto. They are not to be confused with the design prin-
ciples that comprise service-orientation.
These types of considerations not only help us determine how to best proceed with
an SOA initiative, they further assist us in defining the most appropriate scope and
approach for adoption.
There’s a saying that goes: “Success is being prepared for opportunity.” Perhaps the
number one lesson learned from SOA projects that have been carried out in the past is
that we must fully comprehend and then plan and prepare for the volume and range
of change that is brought about as a result of adopting service-orientation. Here are
some examples.
376 Appendix D: The Annotated SOA Manifesto
The scope of SOA adoption can vary. Keep efforts manageable and within meaningful boundaries.
A common myth has been that in order to realize the strategic goals of service-oriented
computing, service-orientation must be adopted on an enterprise-wide basis. This
means establishing and enforcing design and industry standards across the IT enter-
prise so as to create an enterprise-wide inventory of intrinsically interoperable services.
While there is nothing wrong with this ideal, it is not a realistic goal for many organiza-
tions, especially those with larger IT enterprises.
The most appropriate scope for any given SOA adoption effort needs to be determined
as a result of planning and analysis in conjunction with pragmatic considerations, such
as the aforementioned impacts on organizational structures, areas of authority, and cul-
tural changes that are brought about. Taking the Balanced Scope pillar into account
during the planning stages assists in determining a suitable, initial adoption scope
based on an organization’s maturity and readiness.
These factors further help determine a scope of adoption that is deemed manageable.
But for any adoption effort to result in an environment that progresses the IT enterprise
toward the desired strategic target state, the scope must also be meaningful. In other
words, it must be meaningfully cross-silo so that collections of services can be delivered
in relation to each other within a pre-defined boundary. In other words, we want to
create “continents of services,” not the dreaded “islands of services.”
design pattern that was originally published as part of the SOA design patterns catalog
at www.soapatterns.org. This approach reduces many of the risks that are commonly
attributed to “big-bang” SOA projects and furthermore mitigates the impact of both
organizational and technological changes (because the impact is limited to a segmented
and managed scope). It is also an approach that allows for phased adoption where one
domain service inventory can be established at a time.
Products and standards alone will neither give you SOA nor apply the service-orientation
paradigm for you.
This guiding principle addresses two separate but very much related myths. The fi rst is
that you can buy your way into SOA with modern technology products, and the second
is the assumption that the adoption of industry standards (such as XML, WSDL, SCA,
etc.) will naturally result in service-oriented technology architecture.
The vendor and industry standards communities have been credited with building mod-
ern service technology innovation upon non-proprietary frameworks and platforms.
Everything from service virtualization to cloud computing and grid computing has
helped advance the potential for building sophisticated and complex service-oriented
solutions. However, none of these technologies are exclusive to SOA. You can just as
easily build silo-based systems in the cloud as you can on your own private servers.
While some technologies (especially those based on industry standards) can increase
the potential of applying some service-orientation design principles, it is really the
potential to fulfill business requirements that ultimately determines the most suit-
able choice of technologies and industry standards. SOA design patterns, such as Dual
378 Appendix D: The Annotated SOA Manifesto
Protocols [339] and Concurrent Contracts [332], support the use and standardization of
alternative service technologies within the same service inventory.
Establish a uniform set of enterprise standards and policies based on industry, de facto, and
communitys tandards.
For two software programs to be fully compatible, additional conventions (such as data
models and policies) need to be adhered to. This is why IT enterprises must establish
and enforce design standards. Failure to properly standardize and regulate the stan-
dardization of services within a given domain will begin to tear at the fabric of interop-
erability upon which the realization of many strategic benefits relies.
This guiding principle advocates the use of enterprise design standards and design
principles, such as Standardized Service Contract (291) and Service Loose Coupling
(293). It also reminds us that, whenever possible and feasible, custom design standards
should be based upon and incorporate standards and service-orientation design prin-
ciples already in use by the industry and the community in general.
Federation can be defined as the unification of a set of disparate entities. While allowing
each entity to be independently governed on the inside, all agree to adhere to a com-
mon, unified front.
different platform than another. As long as these services maintain compatible end-
points, the governance of their respective implementations can remain independent.
This not only highlights that services can be built using different implementation medi-
ums (such as EJB, .NET, SOAP, REST, etc.), it also emphasizes that different intermedi-
ary platforms and technologies can be utilized together, as required.
Note that this type of diversity comes with a price. This principle does not advocate
diversification itself—it simply recommends that we allow diversification when justi-
fied, so that “best-of-breed” technologies and platforms can be leveraged to maximize
business requirements fulfillment.
The critical ingredient to carrying out service-oriented analysis is to have both busi-
ness and technology experts working hand-in-hand to identify and define candidate
services. For example, business experts can help accurately define functional contexts
pertaining to business-centric services, while technology experts can provide prag-
matic input to ensure that the granularity and definition of conceptual services remains
realistic in relation to their eventual implementation environments.
Maximize service usage by considering the current and future scope of utilization.
The extent of a given SOA project may be enterprise-wide or may be limited to a domain
of the enterprise. Whatever the scope, a pre-defined boundary is established to encom-
pass an inventory of services that need to be conceptually modeled before they can
be developed. By modeling multiple services in relation to each other, we essentially
establish a blueprint of the services we will eventually be building. This exercise is
critical when attempting to identify and define services that can be shared by different
solutions.
There are various methodologies and approaches that can be used to carry out ser-
vice-oriented analysis stages. However, a common thread among all of them is that
the functional boundaries of services be normalized to avoid redundancy. Even then,
380 Appendix D: The Annotated SOA Manifesto
normalized services do not necessarily make for highly reusable services. Other factors
come into play, such as service granularity, autonomy, state management, scalability,
composability, and the extent to which service logic is sufficiently generic so that it can
be effectively reused.
As with anything, services can be misused. When growing and managing a portfolio
of services, their usage and effectiveness at fulfi lling business requirements need to
be verified and measured. Modern tools provide various means of monitoring service
usage, but there are intangibles that also need to be taken into consideration to ensure
that services are not just used because they are available, but to verify that they are truly
fulfilling business needs and meeting expectations.
This is especially true with shared services that shoulder multiple dependencies. Not
only do shared services require adequate infrastructure to guarantee scalability and
reliability for all of the solutions that reuse them, they also need to be designed and
extended with great care to ensure their functional contexts are never skewed.
This guiding principle ties directly back to the “Evolutionary refinement over pursuit of
initial perfection” value statement, as well as the overall goal of maintaining an align-
ment of business and technology.
We can never expect to rely on guesswork when it comes to determining service granu-
larity, the range of functions that services need to perform, or how services will need
to be organized into compositions. Based on whatever extent of analysis we are able to
initially perform, a given service will be assigned a defi ned functional context and will
contain one or more functional capabilities that likely involve it in one or more service
compositions.
As real-world business requirements and circumstances change, the service may need
to be augmented, extended, refactored, or perhaps even replaced. Service-orientation
design principles build native flexibility into service architectures so that, as software
The SOA Manifesto Explored 381
programs, services are resilient and adaptive to change and to being changed in
response to real-world usage.
What makes monolithic and silo-based systems inflexible is that change can have a
significant impact on their existing usage. This is why it is often easier to create new
silo-based applications rather than augment or extend existing ones.
The rationale behind the separation of concerns theory is that a larger problem can be
more effectively solved when decomposed into a set of smaller problems or concerns.
When applying service-orientation to the separation of concerns, we build correspond-
ing units of solution logic that solve individual concerns, thereby allowing us to aggre-
gate the units to solve the larger problem in addition to giving us the opportunity to
aggregate them into different configurations in order to solve other problems.
Another example is the separation of agnostic from non-agnostic logic. The former type
of logic has high reuse potential if it is multi-purpose and less likely to change. Non-
agnostic logic, on the other hand, typically represents the single-purpose parts of par-
ent business process logic, which are often more volatile. Separating these respective
logic types into different service layers further introduces abstraction that enables ser-
vice reusability while shielding services, and any solutions that utilize them, from the
impacts of change.
Reduce implicit dependencies and publish all external dependencies to increase robustness and
reduce the impact of change.
This guiding principle embodies the purpose of the Service Loose Coupling (293)
design principle. How a service architecture is internally structured and how services
relate to programs that consume them (which can include other services) all comes
down to dependencies that are formed on individually moving parts that are part of
the service architecture.
382 Appendix D: The Annotated SOA Manifesto
Layers of abstraction help ease evolutionary change by localizing the impacts of the
change to controlled regions. For example, within service architectures, service façades
can be used to abstract parts of the implementation in order to minimize the reach of
implementation dependencies.
On the other hand, published technical service contracts need to disclose the depen-
dencies that service consumers must form in order to interact with services. As per
the Service Abstraction (294) principle, the reduction of internal dependencies that can
affect these technical contracts when change does occur minimizes the proliferation of
the impact of those changes upon dependent service consumers.
At every level of abstraction, organize each service around a cohesive and manageable unit of
functionality.
Each service requires a well-defined functional context that determines what logic
does and does not belong within the service’s functional boundary. Determining the
scope and granularity of these functional service boundaries is one of the most critical
responsibilities during the service delivery lifecycle.
Services with coarse functional granularity may be too inflexible to be effective, espe-
cially if they are expected to be reusable. On the other hand, overly fine-grained ser-
vices may tax an infrastructure in that service compositions will need to consist of
increased quantities of composition members.
Determining the right balance of functional scope and granularity requires a combina-
tion of business and technology expertise, and further requires an understanding of
how services within a given boundary relate to each other.
Many of the guiding principles described in this manifesto help to make this determina-
tion in support of positioning each service as an IT asset that is capable of furthering an
IT enterprise toward that target state whereby the strategic benefits of service-oriented
computing are realized.
Ultimately, though, it is the attainment of real-world business value that dictates, from
conception to delivery to repeated usage, the evolutionary path of any unit of service-
oriented functionality.
About the Author
Thomas Erl
Thomas Erl is a top-selling IT author, founder of Arcitura Education, and series editor of
the Prentice Hall Service Technology Series from Thomas Erl. With more than 300,000 cop-
ies in print worldwide, his books have become international bestsellers and have been
formally endorsed by senior members of major IT organizations, such as IBM, Micro-
soft, Oracle, Intel, Accenture, IEEE, HL7, MITRE, SAP, CISCO, HP, and many others.
As CEO of Arcitura Education Inc., Thomas has led the development of curricula for
the internationally recognized Big Data Science Certified Professional (BDSCP), Cloud
Certified Professional (CCP), and SOA Certified Professional (SOACP) accreditation
programs, which have established a series of formal, vendor-neutral industry certifica-
tions obtained by thousands of IT professionals around the world. Thomas has toured
more than 20 countries as a speaker and instructor. More than 100 articles and inter-
views by Thomas have been published in numerous publications, including The Wall
Street Journal and CIO Magazine.
Index
A Big Data Science Certified Professional
agents. See service agents (BDSCP), 11
agility (organizational), 50-52 blueprints. See service inventory blueprints
agnostic books
business process category, 115 mapped to topics from fi rst edition, 4-6
defi ned, 114 organization of, 6-8
Agnostic Capability design patt ern, 133, 322 bottom-up project delivery strategy, 91-92
agnostic capability stage (service layers), 119 business community, relationship with IT
Agnostic Context design pattern, 133, 323 community, 86-90
agnostic context stage (service layers), 117-118 business-driven (SOA characteristic), 61-63
agnostic logic, 23 business models, technology alignment with,
Annotated SOA Manifesto, 367-382 48-49
application services. See utility services business processes
applications, as service compositions, 38-43 decomposition, 115-124, 142, 164
architecture fi ltering actions, 144, 165
design patterns and, 70 identifying non-agnostic logic, 149, 169
service architecture, 70-76 identifying resources, 170-171
service composition architecture, 70, 77-83 business requirements in service-oriented
service inventory architecture, 70, 83-85 analysis, 99
service-oriented enterprise architecture, 70, 85-86
Async complex method, 247, 254-256 C
Atomic Service Transaction design patt ern, Cache constraint, 186
198, 324 profi le, 310
att ribute values for SOAP messages, 216 Canonical Expression design patt ern, 209, 325
automation systems, identifying, 99 Canonical Schema design pattern, 194, 222, 326
Canonical Versioning design pattern, 281, 327
B Capability Composition design patt ern, 83,
backwards compatibility, 267-270 134, 328
flexible versioning strategy, 283-284 capability granularity, 210
loose versioning strategy, 284 Capability Recomposition design patt ern, 83,
balanced scope (service-orientation pillar), 134, 329
55-58, 97 case studies
BDSCP (Big Data Science Certified Midwest University Association (MUA)
Professional), 11 analyzing processing requirements, 177-178
benefits of service-orientation, 43 applying service-orientation, 174
Increased Business and Technology Domain associating service capability candidates with
Alignment, 48-49 resources, 173-174
Increased Federation, 46 background, 15
Increased Intrinsic Interoperability, 44-45 business process decomposition, 164
Increased Organizational Agility, 50-52 complex methods, 259-262
Increased ROI, 48-50 defining entity service candidates, 167-169
Increased Vendor Diversification Options, 47-48 defining microservice candidates, 181
Reduced IT Burden, 52-53 defining utility service candidates, 179-180
Index 385
profi le tables. See design patterns; design resources versus entities, 189
principles; REST constraints revising service capability candidate groupings,
projects. See SOA projects 182-183
PubSub complex method, 257-258 revising service composition candidates, 181
REST services, 21
R backwards compatibility, 268-270
recomposition. See service composition compatibility considerations, 276-279
Reduced IT Burden, 52-53 forwards compatibility, 271-273
Redundant Implementation design pattern, service normalization, 135
224, 354 versioning, 266,286
resources website for information, 10
associating service capability candidates with, 172 REST service contracts
entities versus, 189 benefits of, 220
identifying, 170-171 design considerations
for information, 9 by service model, 221-225
revising defi nitions, 182-183 case study, 226-230
response codes (HTT P) guidelines for, 231-236, 239-258
customization, 240-241 return on investment, Increased ROI goal/benefit,
design and standardization, 235-236, 239-240 48, 50
REST reusability of solution logic, 35
constraints Reusable Contract design pattern, 233, 355
Cache, 186, 310 ROI (return on investment), 48, 50
Client-Server, 307
Code-on-Demand, 315 S
Layered System, 187, 313-314 Schema Centralization design pattern, 194, 222,
profile table format, 306 277, 356
Stateless, 186, 249, 256-257, 308-309 schemas, designing for media types, 244-245
Uniform Contract, 183, 187, 311-312 separation of concerns, 24-25
uniform contract modeling and, 186-187 Service Abstraction design principle, 27, 73, 80,
service inventory modeling, uniform contract 150, 223, 248
modeling and, 183-186 interoperability, 45
service modeling, 160-161 profi le, 294
analyzing processing requirements, 176-177 Service Agent design pattern, 76, 357
applying service-orientation, 174, 181 service agents, 76-77
associating service capability candidates with service architecture, 70-76
resources, 172 Service Autonomy design principle, 27, 73, 150,
business process decomposition, 164 174, 194
defining entity service candidates, 166 interoperability, 45
defining microservice candidates, 180 profi le, 297
defining utility service candidates, 178 service boundaries, 134
filtering actions, 165 service candidates, 115
granularity, 188 service capabilities, 76
identifying non-agnostic logic, 169 service capability candidates
identifying resources, 170-171 analyzing processing requirements, 152, 176-177
identifying service composition candidates, 175 associating with resources, 172
process for, 165 composition and recomposition, 127-133
390 Index
Thomas Erl is a best-selling IT author, the series editor of the Prentice Hall
Service Technology Series from Thomas Erl, and the editor of the
Service Technology Magazine. As CEO of Arcitura Education Inc.,
Thomas has led the development of curricula for the internationally
recognized Big Data Science Certified Professional (BDSCP),
Cloud Certified Professional (CCP), and SOA Certified
Professional (SOACP) accreditation programs, which
have established a series of formal, vendor-neutral
industry certifications. Thomas has toured over 20
countries as a speaker and instructor. Over 100
articles and interviews by Thomas have been
published in numerous publications, including
the Wall Street Journal and CIO Magazine.
SOA with Java: Realizing Principles,
SOA with REST: Principle ple
l Cloud Computing Big Data Fundamentals: Service-Oriented
Service-Orientation with Patterns & Constraints for Design Patterns Concepts, Drivers Architecture: Analysis & Design
Java Technologies Building Enterprise Solutions by T. Erl, R. Cope, & Techniques for Services and Microservices
by T. Erl, S. Roy, P. Thomas, with REST A. Naserpour by P. Buhler, T. Erl, W. Khattak (Second Edition)
A. Tost by R. Balasubramanian, by T. Erl
ISBN: 9780133858563 ISBN: 9780134291079
B. Carlyle, T. Erl, C. Pautasso
ISBN: 9780133859034 Hardcover, 528 pages Paperback, 218 pages ISBN: 0133858588
Hardcover, 592 pages ISBN: 0137012519 Paperback, ~ 300 pages
Hardcover, 577 pages
Web
W bSService
i Contract
C t t SOA Governance: SOA with ith .NET Windows
NET & Wi d Next Generation SOA: Cloud Computing:
Design & Versioning for SOA Governing Shared Services Azure: Realizing Service- A Concise Introduction Concepts, Technology
by T. Erl, A. Karmarkar, On-Premise & in the Cloud Orientation with the to Service Technology & & Architecture
P. Walmsley, H. Haas, by S. Bennett, T. Erl, C. Gee, Microsoft Platform Service-Orientation by T. Erl, Z. Mahmood,
U. Yalcinalp, C. Liu, R. Laird, A. Manes, by D. Chou, J. deVadoss, by T. Erl, C. Gee, J. Kress, R. Puttini
D. Orchard, A. Tost, J. Pasley R. Schneider, L. Shuster, T. Erl, N. Gandhi, B. Maier, H. Normann, P. Raj,
ISBN: 9780133387520
A. Tost, C. Venable H. Kommalapati, B. Loesgen, L. Shuster, B. Trops,
ISBN: 013613517X Hardcover, 528 pages
ISBN: 0138156751 C. Schittko, H. Wilhelmsen, C. Utschig-Utschig, P. Wik,
Hardcover, 826 pages
Hardcover, 675 pages M. Williams T. Winterberg
ISBN: 0131582313 ISBN: 9780133859041
Hardcover, 893 pages Paperback, 208 pages
CloudSchool.com CloudSchool.com
CLOUD CERTIFIED CLOUD CERTIFIED
Virtualization Specialist Capacity Specialist