Info on SOA, TOGAF, Virtualisation, SaaS etc.

Hi all,

I recently moved south to Bangalore and I am working for a large
software integrator. My project team is working on a project that
applies TOGAF to SOA. Are you able to point me to online and offline
resources/trainings that can help our team get up to speed with SOA
features and building blocks, the TOGAF architecture development
method, and how to use TOGAF to create SOAs. I am also in charge of 
implementing virtualisation and/or SaaS in our company.

All the help that group members can provide in this regard is much
appreciated.

Thanks,
Anaz

------------------------------------

Yahoo! Groups Links

<*> To visit your group on the web, go to:
    http://groups.yahoo.com/group/service-orientated-architecture/

<*> Your email settings:
    Individual Email | Traditional

<*> To change settings online go to:
    http://groups.yahoo.com/group/service-orientated-architecture/join
    (Yahoo! ID required)

Patents, jurisdictions and distributed services

The IBM patenting meta-methodology concept got me thinking about the
impact that patents and legal jurisdictions have had on some of the
programmes I've worked on.  Recently I've been doing work with a
certain well known internet company and one of the challenges has been
the impact of things like the Patriot Act on data retention and
access.  If you are a European firm that competes with a US firm you'd
be "brave" to store critical data under those rules.  Things like the
RIPA in the UK also place data retention requirements.  Then there are
laws that state where you can take data, taking telco billing data out
of Switzerland just isn't legal for instance, and the differing data
privacy laws around the globe.

Patents add another flavour to this in that patent legislation and
controls are different between countries.  What is a patent in the US
for instance is often a joke in Europe.  This means that a service
that works in a particular way is violating a patent when hosted in
the US, but not violating it when hosted in Europe.  But what about if
the clients are in the US?  What is the definition of activation of a
service, is it related to the service or to the execution context
(which spreads between the client and server).

At work I've been coming across these problems in relation to using
SaaS, which are after all just service structures.  Right now I'm
doing a global implementation which has a whole plethora of challenges
around IP, legislation etc.  The point is that _exactly_ the same
service can be deployed in two different countries and is subject to
completely different sets of regulation which makes the management and
governance challenge significantly greater.  One of the questions is
around US originated data and where to store it and how it needs to
comply if all of the processing is done beyond the borders.

[ZapFlash] The Business Analyst vs. the Enterprise Architect

Spectacular SOA Failure?

The cover story for this weeks InformationWeek is on the value of WOA 
(over SOA). Roger Smith recently reports:

"CIOs and system architects find themselves stymied as they try to 
sledgehammer complex SOAs into their enterprises. Top-down, "if you 
build it, they will come" approaches to service-oriented architecture 
often wind up failing--sometimes spectacularly."

This got me thinking... what would a "Spectacular SOA Failure" look 
like? As of today, I've now looked at about 120 SOA programs - and I 
can't think of a single one that I'd refer to as a "Spectacular 
Failure". Instead, when I see failure, I usually see underfunded, 
sideline initiatives that never really got off the ground.

To contrast this with other "spectacular I.T. failures" like early ERP 
initiatives or first wave Web/E-commerce applications, I saw something 
very different:
1. The failure led to the firing of a CIO
2. More than 2% of the annual I.T. budget was lost/written off on the 
initiative.

That said, are we seeing "spectacular SOA Failures" or are we just 
seeing underfunded, half-hearted SOA efforts? (Surely Anne has thoughts 
on this matter since she's cited in the article as having seen only one 
SOA success...)

------------------------------------

Yahoo! Groups Links

<*> To visit your group on the web, go to:
    http://groups.yahoo.com/group/service-orientated-architecture/

<*> Your email settings:
    Individual Email | Traditional

<*> To change settings online go to:
    http://groups.yahoo.com/group/service-orientated-architecture/join
    (Yahoo! ID required)

<*> To change settings via email:
    mailto:service-orientated-architecture-digest@... 
    mailto:service-orientated-architecture-fullfeatured@...

<*> To unsubscribe from this group, send an email to:
    service-orientated-architecture-unsubscribe@...

<*> Your use of Yahoo! Groups is subject to:
    http://docs.yahoo.com/info/terms/

Testing Methodolgy for SOA?

> I would really appreciate if any one of you share your thoughts on
testing methodology for SOA application. I am currently doing a 
research on how testing will be done for SOA applications. Please help.

Thanks!
Navin Aldo

------------------------------------

Yahoo! Groups Links

<*> To visit your group on the web, go to:
    http://groups.yahoo.com/group/service-orientated-architecture/

<*> Your email settings:
    Individual Email | Traditional

<*> To change settings online go to:
    http://groups.yahoo.com/group/service-orientated-architecture/join
    (Yahoo! ID required)

<*> To change settings via email:
    mailto:service-orientated-architecture-digest@... 
    mailto:service-orientated-architecture-fullfeatured@...

<*> To unsubscribe from this group, send an email to:
    service-orientated-architecture-unsubscribe@...

<*> Your use of Yahoo! Groups is subject to:
    http://docs.yahoo.com/info/terms/

Joe on finding SOA Skills

<<Where can organizations go to tap into and develop that special
blend of skills needed to propel SOA and the business forward? Should
they look to their enterprise architects?  Should they look to the
outside, or grow talent and leaders from within?

I recently had the opportunity to join a panel discussion that delved
into what enterprises need to consider in terms of SOA skill
acquisition. The panel, part of Dana Gardner's BriefingsDirect series,
was held live at the recent Open Group EA conference in Chicago. Dana,
I, and other panelists — including Tony Baer, Eric Knorr, Andras
Szakal, and David Cotterill — talked about the roles of enterprise and
SOA architects, then explored the prerequisite of having a strong
connection with the business side of the house. (Access the podcast
here, transcript here.)

EAs are a natural source of SOA leadership and talent, and the logical
first place for organizations to look. However, EAs and SOA
practitioners tend to travel in different circles, as explained by
Andras, who is chief architect at IBM's Federal Software Group. Their
roles "are significantly different," he said, noting that EAs have "a
whole set of governance requirements that an enterprise architect is
involved with that an SOA practitioner may not be involved with."
While there are many areas where the two disciplines intersect, SOA
practitioners engage in transforming business processes into
implementation, while EAs focus on making sure the organization
adheres to enterprise architecture principles, he added.

Tony, who is senior analyst with Ovum, added that many vendors are
also having difficulties bridging this gap. The challenge for both
vendors and companies, he said, is "trying to define and hopefully
raise the consciousness within the EA profession that you need to have
more of a business-level sensibility."

Eric Knorr, editor at InfoWorld, noted that successful SOA efforts
he's seen are usually driven by a "visionary" type.  Eric noted that
"in case study after case study, you run into a chief architect, or
even a chief technology officer sometimes, who has really made that
connection, in an SOA context, between not only looking at the
business processes, but breaking them down into business services and
figuring out how to map a technical infrastructure against that. That
leadership is so important, because SOA is such an elusive concept
that it's very easy to fall back into the old habits of enterprise
application integration (EAI), and thinking in terms of point-to-point
integration and not thinking in terms about the last presentation,
that strategic value."

Eric's comments made me think of Anne Thomas Manes' recent observation
that SOA seems to only come to fruition after a new CIO is brought
into the picture. Is it necessary to look outside the organizatio,
then, for individuals that can bring a fresh perspective?

David Cotterill, head of innovation at the U.K. Government Department
for Work and Pensions, agrees that business-tech-savvy people need to
be brought in, but also advocated that business-technical skills can
be developed from within as well. Business skills "can be learned —
provided you have a certain level of experience," he related. "We try
to find people who have a good solid technical background and who show
the aptitude for being able to develop those softer skills. Then, we
place them in an environment and give them the challenge to actually
develop those skills and maintain those relationships with the
business. When it works, it's a really great thing, because they can
become the trusted partner of our business people and unmask all the
difficulties of the IT that lies behind."

In addition, the technical know-how comes into play "so that they can
challenge the integrators and the suppliers — just to make sure that
they are doing the right thing, that we're keeping as open and
flexible as we would like to be, and so that we're not tied into any
given supplier," David said.>>

You can read this at:

http://blogs.zdnet.com/service-oriented/?p=1158

Gervas

------------------------------------

Yahoo! Groups Links

<*> To visit your group on the web, go to:
    http://groups.yahoo.com/group/service-orientated-architecture/

<*> Your email settings:
    Individual Email | Traditional

<*> To change settings online go to:
    http://groups.yahoo.com/group/service-orientated-architecture/join
    (Yahoo! ID required)

<*> To change settings via email:
    mailto:service-orientated-architecture-digest@... 
    mailto:service-orientated-architecture-fullfeatured@...

<*> To unsubscribe from this group, send an email to:
    service-orientated-architecture-unsubscribe@...

<*> Your use of Yahoo! Groups is subject to:
    http://docs.yahoo.com/info/terms/

Seeley on the virtues of small SOA projects

<<When introducing the service-oriented approach within an
organization, the software architect does not have to take on a
"boil-the-ocean" implementation, according to an industry analyst who
has looked at the current state of enterprise architecture.
				
In fact, small can be beautiful in service-oriented architecture
(SOA), said Mike Rollins, senior analyst, Burton Group.

An early project does not necessarily have to be a full SOA
implementation to showcase the application development philosophy,
Rollins said. A successful architect instead may start out conducting
analysis to identify the services that support business processes, he
said.

Architects can gain or lose momentum based on choices they make in
selecting SOA projects, emphasized Rollins, who has just authored a
report on "Establishing and Maintaining Enterprise Architecture
Momentum." Because SOA is still a relatively new approach to
application development, services architects need to select projects
that demonstrate business value from the get-go, he said.

"Gaining momentum with SOA initiatives involves working on the right
one," the analyst said. The selection of the right project includes
making sure it not only has business value but is doable given the
resources the architect has, he explained.

"If I have a small team of SOA architects, I need to recognize that I
can only staff one project to really start to try out this
technology," said Rollins.

Selecting the right project goes beyond finding one that might be
interesting, Rollins explained. In his view, the architect needs to
look at the level of support the project might receive from both the
IT and business side. If key groups in the enterprise are reluctant to
get involved in the project, it may not be the best choice.

The project that has the potential to build momentum for SOA within
the enterprise may not be initially the most visible, Rollins said.
Services architects need to look for these diamonds in the rough. Such
outlying projects may be marked by sponsors who are willing to work
with the software architect to identify core services. These may in
turn showcase SOA while contributing directly to business efforts, he
indicated.

"Maybe they are not going down the path of full SOA but they can still
benefit from the aid you can give them in doing a functional analysis
of business processes," the analyst said. This is the beginning of
momentum for SOA because it demonstrates the potential value of
analyzing business processes and looking at applications in terms of
services that support those processes.

This is where communication and leadership skills are as important for
architects as technical skills because introducing SOA is in part a
promotional and educational process.

"You tend to pick and chose the opportunities based on the ones that
are also going to get you more exposure, more ability to promote new
ways of thinking when you're trying to change people's perspectives,
but all the while making sure you're driving to a business outcome,"
Rollins said.

Achieving a positive business outcome through the service-oriented
approach, even in small projects, is the most successful way to
building momentum in an organization, the analyst said.>>

You can read this at:

http://searchsoa.techtarget.com/news/article/0,289142,sid26_gci1324987,00.html?track=NL-110&ad=655469&asrc=EM_NLN_4215611&uid=5532089

Gervas

------------------------------------

Yahoo! Groups Links

<*> To visit your group on the web, go to:
    http://groups.yahoo.com/group/service-orientated-architecture/

<*> Your email settings:
    Individual Email | Traditional

<*> To change settings online go to:
    http://groups.yahoo.com/group/service-orientated-architecture/join
    (Yahoo! ID required)

<*> To change settings via email:
    mailto:service-orientated-architecture-digest@... 
    mailto:service-orientated-architecture-fullfeatured@...

<*> To unsubscribe from this group, send an email to:
    service-orientated-architecture-unsubscribe@...

<*> Your use of Yahoo! Groups is subject to:
    http://docs.yahoo.com/info/terms/

SOMA Update

After a significant period of silence, the SOMA guys have updated their 
latest message:
http://www.research.ibm.com/journal/sj/473/arsanjani.html

It's most similar to what we're calling 'SOA lifecycle & work 
patterns', see:
http://www.momentumsi.com/harmony/SOALifecycle.html

I've noticed that a couple items are converging between our methods... 
they're now publicly noting that 'Use Cases' may not be the best way to 
go and are now recognizing 'Service Cases' as does Harmony . 

There are a number of other differences... I'll try to blog on this in 
the coming weeks...
Jeff

------------------------------------

Yahoo! Groups Links

<*> To visit your group on the web, go to:
    http://groups.yahoo.com/group/service-orientated-architecture/

<*> Your email settings:
    Individual Email | Traditional

<*> To change settings online go to:
    http://groups.yahoo.com/group/service-orientated-architecture/join
    (Yahoo! ID required)

<*> To change settings via email:
    mailto:service-orientated-architecture-digest@... 
    mailto:service-orientated-architecture-fullfeatured@...

<*> To unsubscribe from this group, send an email to:
    service-orientated-architecture-unsubscribe@...

<*> Your use of Yahoo! Groups is subject to:
    http://docs.yahoo.com/info/terms/

Warner & Crupi on Mashups & SOA

/<<Abstract: Gartner recently named Enterprise Mashups a "Top 10 
Strategic Technology for 2008", noting that "by 2010, Web mashups will 
be the dominant model (80 percent) for the creation of composite 
enterprise applications." [REF-1] This should make any SOA architect sit 
up and wonder: Can I describe the value of mashups? Can I outline the 
relationship between mashups and existing enterprise technology like SOA?

Knowing the answers to these questions can advance you well down the 
road to embracing this exciting technology in your organization. In Part 
1 <http://www.soamag.com/I18/0508-1.asp> of this three-part series, we 
defined a mashup in the context of the enterprise, contrasted it against 
other common data integration technologies, and outlined some of the 
more important architectural elements of an enterprise-grade mashup 
solution. Now, in Part 2, we'll discuss why SOA architects should care 
about enterprise mashups. /

*Introduction: The SOA-Mashup Conundrum*

To understand the value and relationship between enterprise mashups and 
SOA, it is helpful to first understand why we need enterprise mashups at 
all. To recap what we covered in the preceding article:
. 	mashups give you faster answers
. 	mashups improve your resource use (of both personnel and soft/hard 
computing resources)
. 	mashups help you address new business opportunities by letting users 
assemble internal and external data in an opportunistic way

In a mashup world, SOA can provide the "service cloud" that supplies the 
raw materials to a community of mashup users. And therein lies the 
conundrum: _The most successful SOA initiatives will drive the need for 
mashups, but the bottom-up, ad-hoc nature of mashups can run contrary to 
the very principles that made your SOA a success in the first place._ 
Avoiding this trap is not impossible. But adding mashups to a 
service-oriented enterprise architecture does require that the SOA 
architect pay close attention to the "big 3" principle issues of SOA.

Having spent many years evangelizing, architecting and writing SOA 
solutions, we now know SOA is an easy sell to IT because it's an 
architectural best practice. The service-oriented architectural style 
has attractive principles like shared services, loose-coupling and 
service reuse. We've also learned that IT is fast to accept SOA but can 
often get tripped up implementing the fundamental issues of governance, 
granularity, and scope.

The beauty of loosely-coupled services is in being able to decouple the 
service contract from the service implementation. Loose-coupling is like 
giving someone an address to your home and letting them get there anyway 
they want. But, what if you wanted them to only take a specific route 
and you wanted to check their ID before they drove up your driveway 
(doesn't sound too inviting, but you'll get the idea)? The same applies 
to SOA. Inherently, SOA does not force you down a specific route, nor 
does it check your credentials. Or in other words, there is no 
governance built into SOA. This is okay behind the firewall; but, when 
you want to expose services to the outside, IT gets very nervous and all 
of a sudden loose-coupling looks a bit more dangerous and governance 
looks a lot more important. Thus, governance becomes paramount but it 
makes a simple path to SOA a bit more complicated.

After governance, service granularity peeks its head out. To get the SOA 
right-sized, you must address questions like "how large is a service", 
"is a service atomic or does it represent a process", "is a service so 
flexible it can support many variations or is it static and supports 
only one mega definition of data". Granularity discussions can get 
heated with epic debates lasting years in some organizations. 
Ultimately, you'll probably settle on "business granular", meaning that 
you should gauge the service granularity by being able to talk about it 
in business terms. Think 'Inventory', 'Payroll', and 'Orders'. If you 
can talk about both in the service and the data that is being exchanged 
in business vernacular, you're on the right path. As you can imagine 
this is no small feat and, like governance, adds another layer of 
complexity to the SOA roadmap.

The final issue of scope determines how big or how much of a problem IT 
is willing is to tackle when SOA-tizing the datacenter. From a project 
management and funding perspective, scope can really impact the 
likelihood of success or failure. After years of brilliant marketing, 
CIOs are betting on the lofty ROI, agility and time-to-market promises 
by making SOA a top 3 corporate initiative. Good for funding and 
commitment; bad for pragmatic realization. We now know that SOA can be 
very successful if managed as a series of well-scoped, smallish projects 
that are tied to business need. In essence, proper scope can lead 
directly to SOA success...or failure.

	
/Figure 1: How mashups establish a layer between SOA and users./

After navigating the governance, granularity and scope issues of your 
SOA, you have one (or more) small, successful SOA projects that have 
resulted in a library of business-driven, micro-services that have can 
immediate business impact. But there's the rub in your successful SOA: 
You either have no direct demand for your services by business users or 
you have demand for direct access by business with no way of delivering 
them safely.

That's where mashups come in. A mashup can help deliver a new, dynamic, 
and potentially huge group of consumers to your services. And that's why 
an SOA architect should care about mashups: _Mashups can become that 
invaluable direct link between an SOA and the business community of an 
organization._

But how can we push our services out to a mashup community without 
trampling the principle issues of governance, granularity and scope that 
made the SOA effort successful in the first place? And furthermore, what 
are the interaction patterns between your SOA and these mashups? It is 
this fusion of SOA and enterprise mashups that SOA architects must 
understand.

*Mashups Can Deliver SOAs to the User (Without Breaking Your SOA)*

Mashups bring a "user" into the SOA mix. This is an entirely new element 
and one that is dynamic and unpredictable. But the SOA architect needs 
to appreciate this as a good thing: The new demand that is being 
generated for an SOA from a mashup community. By having the business 
build mashups upon the foundation of you service-oriented architecture, 
they essentially become SOA champions without knowing it.

To get a better picture, it helps to consider some of the more common 
"connections and interactions" between
the two:

/Information Right-Sizing/

Three years ago we wrote a blog entitled: SOA Best Practice for Business 
Unit Alignment [REF-2]. The premise was simple: You had a better chance 
making your SOA successful if you included the business unit and made 
SOA more top-down. At the time, ~80% of the readers agreed and ~20% didn't.

The group that agreed not only believed this to be true, but felt this 
was the only way SOA would achieve success. They felt that without the 
business, IT would not be able to correctly define the correct service 
granularity. That also meant you should be able to talk about services 
in business (not technical) terms. Interestingly, the 20% that didn't 
agree felt that it should actually be done both top-down and bottom up.

But our point went further. IT needed to not only see the value in 
bringing the business to the table, but should actually let the business 
take more of a leadership role in defining the data they want and have 
that drives the service definition and creation. As a result, it is 
three years later and I have concluded that both groups were right.

The ideas are relevant here because _mashups are a great forcing 
function for the right-sizing interaction between SOA architects and SOA 
business consumers._ In most service-oriented solutions, IT needs to 
"right size" services. This kind of dynamic virtualization is best 
defined by the use-cases from the business but needs the guiding hand of 
IT to make it stick.

/Publishing and Syndication/

Many view mashups as data displayed on maps. While the majority of early 
mashups certainly seemed to fit this description, today enterprise 
mashups can be published to many kinds of destinations that an 
enterprise user would appreciate. In addition to SOA-friendly formats, 
such as RSS and Atom plus REST and SOAP, mashup creators can publish 
mashups to spreadsheets, as WSRP-compliant portlets, wiki- and 
blog-friendly widgets, or even into a mobile phone as a 
micro-application. _Mashups can become the vehicle through which 
services become part of the everyday tools of the enterprise business 
user._

A detailed example can reinforce this idea. Certainly most Web surfers 
have seen the power of syndicated widgets in popular sites such as 
iGoogle, Netvibes, Yahoo Maps and YouTube. Widgets let users do one or 
two narrowly-defined things well. And because both widgets and mashups 
are micro in scale, the fusion of widgets and mashups can yield 
explosive results. Today, the newly-combined data in your mashup can be 
published as a widget for use by others.

One good example of mashup-driven widgets is the system called "The 
Badge" from Thomson Scientific's ResearcherID.com community [REF-3]. The 
Badges let research professionals around the world publish a dynamic set 
of personal research data (such as number of citations, citations by 
country, and other professional data) into their own personal blog or 
Web site. To the Web site visitor, the Badge looks like a graphical 
button; it is in fact a widget that communicates with a service-oriented 
solution in the Thomson datacenter.

/Mashup-to-SOA Publishing/

The whole value proposition of loosely-coupled services gets muddied by 
the need to version services. The public interface of services, once 
published to the greater consuming community, must remain static. You're 
pretty much stuck with them. Yes, you can introduce bug fixes, but 
fundamental enhancements that affect the public service definition (like 
changing data types and adding new operations) can be very problematic 
for services that are widely consumed. Popularity, in a sense, can be an 
impediment to improving your SOA.

This is where mashups can directly help the SOA architect and developer. 
_Mashups can go well beyond leveraging an SOA by becoming part of that 
SOA, allowing developers to create customized "service skins" from core 
services._ These skins provide a thin, easy-to-manage buffer against 
frequent or dramatic changes to the core services within your SOA.

Because mashups can be exposed as REST-, WSDL- and JSON-based services, 
they look and feel like a real SOA-based service to developers who want 
to consume them. In this use case, the service(s) from which the mashup 
is derived remain unchanged and become more of a "behind the scenes" 
core service. The mashup, created by the developer, becomes the tailored 
service which is directly aligned with their particular need. Major 
enhancements to core services can be accommodated with a reformulated or 
updated mashup by the mashup creators themselves.

/Service Virtualization/

At a recent conference we asked the audience how many have put SOA into 
production. Many waggled their hand too-and-fro, not indicating a 
definitive yes or no but a "sort of". As most SOA architects know by 
now, implementing a service-oriented solution can become quite complex. 
That means good SOA doesn't happen overnight and most SOA teams are 
diligently working their way through a very long list of services that 
need to be constructed. Mashups can help create quick-and-dirty 
"virtual" services from sources that haven't yet been service-oriented. 
Until the formal SOA magic has been applied across your enterprise, a 
good mashup tool can provide a light-weight, normalized virtual service 
for mashup users.

More inquiry with my conference audience revealed that most were not 
completely comfortable saying their SOA was "in production" for services 
that just did one or two things. They were under the impression that SOA 
meant "big in size" and "big in functionality". Or, said another way, 
functionally-limited services didn't jive with their view of a 
properly-architected SOA. But many admitted that there were many 
services that were essentially simple and data-centric and were being 
highly utilized by the business.

This is a great opportunity for SOA architects and developers to add 
mashups to their bag of tricks. Since mashups provide data services that 
work best by exposing discreet sets of data, it makes sense to employ 
mashups as a data service provider within your SOA when the service is 
small and specialized. Sure, you could still have the big services 
underneath, but mashups make a great light-weight solution that can 
reduce the services' complexity and help expose right-sized virtual 
services in manageable, easily-consumable parts.

/Inside-Outside Combinations/

The trend towards standardized data formats makes it possible for 
mashups to combine your SOA with public or external sources that have 
adopted a standard data exchange format. Imagine you have customer data 
in your internal Siebel database and more customer data in a hosted 
Salesforce system. To get a list of opportunities from both systems and 
view it as a single data source creates a data migration problem. 
Instead of selecting one of the systems as the master data provider and 
moving the other data into it, a simple mashup that takes advantage of 
the standardized service interface of both systems allows you to create 
a mashup from them. (This assumes you've added that nice set of 
SOA-based services to your internal Siebel system, of course!). In other 
words, mashups let you create dynamic formats aligned with the users 
needs without having to migrate large chucks of data.

*Conclusion*

A mashup can be a first-class service consumer. But a recent Forrester 
report emphasized that a proper approach to enterprise mashups must 
"provide a safety net for business users" [REF-4]. In other words, your 
mashup efforts must address governance, granularity and scope issues as 
proactively as your SOA efforts did. Assuming you agree and desire this 
new consumer base for your SOA, the natural inclination might be to 
rework your original SOA governance, granularity and scope to make it 
more "user" centric.

At this point _any SOA architect worth his WSDL should see that mashups 
can greatly enhance an SOA and don't necessarily ignore or break the 
principles that made your SOA great._ But governance, granularity and 
scope for mashups do require subtle tweaks and adjustments to your 
enterprise toolset. Because the business has different needs. They want 
small, not big. They want micro-slices of data, not all of it. They want 
combined data from a small number of services so that they can further 
combine it with external systems.

Fear not. Mashup governance, granularity and scope is not as difficult 
as it might sound and it need not be as difficult as it was during your 
SOA. If properly architected, your enterprise mashup solution can 
leverage many SOA technologies, acting as a peer to your SOA. In Part 3 
of this series we'll do just that: discuss an enterprise architecture 
that incorporates mashups as part of SOA-enabled ERP/CRM/SFA/BI and 
homegrown applications.>>

You can read this at: http://www.soamag.com/I21/0808-1.asp

Gervas

Mimic real business directly (Was: A RESTafarian who eschews the use of SOAP)

Michael,

I've split this thread off as you want to discuss something different to Steve.

I'm afraid that I need to ask for you to elaborate further what you
mean by the questions, as it is not clear to me. I would rather
address your actual meaning than a guess at it.

Alan

On Sat, Aug 9, 2008 at 5:34 PM, Michael Poulin <m3poulin <at> yahoo.com> wrote:
> Great job, Alan,
> how <<REST stands for REpresentational
> State Transfer and is an architectural style for web services that mimics
> how the World Wide Web works >> No doubts about REST and WWW but how this
> relates to real life? What is a web service in this case and how WWW mimics
> real business? Why we need to mimic something, which might or might not
> mimics business, instead of mimicking business directly? Is this a cool
> technology for the sake of technology?
> Sorry, this is different topic than you discuss with Steve...
> - Michael
>
> ----- Original Message ----
> From: Alan Dean <alan.dean <at> gmail.com>
> To: service-orientated-architecture <at> yahoogroups.com
> Sent: Friday, August 8, 2008 7:02:43 PM
> Subject: Re: [service-orientated-architecture] Re: A RESTafarian who eschews
> the use of SOAP
>
> On Fri, Aug 8, 2008 at 9:53 AM, Steve Jones <jones.steveg@ gmail.com> wrote:
>> 2008/8/7 Alan Dean <alan.dean <at> gmail. com>:
>>
>>> On Thu, Aug 7, 2008 at 1:55 PM, Steve Jones <jones.steveg@ gmail.com>
>>> wrote:
>>>> 2008/8/6 Alan Dean <alan.dean <at> gmail. com>:
>>>>> On Wed, Aug 6, 2008 at 3:50 PM, Steve Jones <jones.steveg@ gmail.com>
>>>>> wrote:
>>>>>> 2008/8/6 Alan Dean <alan.dean <at> gmail. com>:
>>>>>>> I would like to pick up on a couple of statements you just made. You
>>>>>>> said:
>>>>>>>
>>>>>>> "REST leaves lots of things to the server and client that appear to
>>>>>>> being assumed as "simple" or not important when in reality it is
>>>>>>> these
>>>>>>> bits that people care about"
>>>>>>>
>>>>>>> I would like to point out that I explicitly said in my piece that the
>>>>>>> protocol would likely be non-trivial. The server and client
>>>>>>> implementations of an e-commerce application protocol would not be
>>>>>>> simple and I never said or implied that they would. What I did say is
>>>>>>> that serendipitous re-use naturally (and, yes, simply) arises from
>>>>>>> the
>>>>>>> uniform interface (which is not the same thing).
>>>>>>
>>>>>> Couldn't the same thing be said about publishing a WSDL though?
>>>>>
>>>>> I know of no WSDL that is re-used across multiple providers and neither
>>>>> do
>>>>> you.
>>>>
>>>> SABRE and Amadeus have (unique to each other) WSDLs that are used by
>>>> multiple consumers (which is surely re-use), and the OBIX standard
>>>> does actually have WSDLs that providers have to comply with around
>>>> building management. Last time I heard a presentation on it (2 years
>>>> ago) they were using it in the wild.
>>>
>>> Rather than turn this (sub)thread into a book length discourse, I am
>>> going to trim out a couple of specific points starting with the WSDL
>>> discussion.
>>>
>>> I agree that WSDL supports multiple consumers. That's exactly what it
>>> was designed to do.
>>>
>>> My point is that you don't have provider re-use of WSDL. The uniform
>>> interface constraint of REST addresses exactly this issue.
>>
>> The OBIX thing is an example of provider re-use.
>>
>>>
>>> Rather than a one-to-many relationship that is the standard approach
>>> with SOAP / WS-* interfaces, REST is modelled on a many-to-many
>>> relationship by default.
>>>
>>> Let me provide a fictitious example. Let's say that the big UK
>>> supermarkets all decide that they want to support rich clients, not
>>> just browsers.
>>
>> The CAP (common alerting protocol) is exactly what you are talking
>> about BTW and I certainly see the value in that.
>>
>>>
>>> In the SOAP world, each would expose service endpoints along with the
>>> associated WSDL. The writers of rich clients would then need to
>>> integrate to each of these endpoints during development and then ship
>>> their app. Then more supermarkets decide to do the same thing. The app
>>> developer must integrate each and deliver an updated app to their
>>> customers. The only way that I know of to work around this is for all
>>> the supermarkets to agree an identical WSDL interface, where only the
>>> service endpoint address varies. There are, broadly, two branches to
>>> this story. Either the 'common' WSDL comprises a complex set of
>>> WebMethods that are strongly typed (and the supermarkets take a decade
>>> to agree what these should be) or, more likely, the interface ends up
>>> being fully docu-centric with a single WebMethod that looks something
>>> like:
>>>
>>> [WebMethod]
>>> public XmlNode GetResponse( XmlNode request)
>>
>> Or there is a specification that is agreed upon for the service being
>> provided and this translated into the WSDL. My mind is thinking about
>> the "transaction" part of the process. I've always agreed that for
>> the "interaction" especially with a human at the other end of it that
>> the navigation approach works best.
>>
>> Take an example like vendor managed inventory. My "Service" has to
>> provide three key capabilities - get the stock level of a given stock,
>> get the demand forecast for a given stock and notify of shipment. Two
>> are reads, one is a write. Now people then sit at this and think
>> "polling sucks, caching doesn't really help" so you shift it to say
>> "add trigger level to stock" which then notifies you at a given point.
>> This fundamentally shifts the solution as you are now waiting for an
>> event to be sent to you. Finally you get really smart and work out
>> that the important bit is the difference between the demand and the
>> stock level so you put a trigger which balances between the two and
>> automatically then initiates the order shipment.
>>
>> What this process has done is take it from the vendor calling the
>> retailer to the vendors process running inside the retailer. Now I've
>> massively over simplified what is required but my point is that we are
>> at a pretty coarse grain with very little navigation across data
>>
>>>
>>> along with an XmlSchema.
>>>
>>> In the REST world, a "Supermarket Application Protocol" would be
>>> written along with associated MIME type(s). A generic app can then be
>>> written which knows about the protocol and the MIME types. It can be
>>> used against any provider which implements support for the protocol.
>>> There is no specialised integration by the rich client application
>>> developer. The only time a new client app needs to be shipped is for
>>> bug fixes, or a new version of the protocol (something which tends to
>>> be rather rare).
>>>
>>> I would like to hear what you think about this problem domain because
>>> it is something I am very interested in. Especially the 'type-safe'
>>> -vs- 'docu-centric' question. Weaknesses of type-safety include
>>> specifcation and integration pain (and WS-I compliance). A weakness of
>>> docu-centricity is the loss of much of the tooling convenience. A
>>> weakness of both is the lack of built-in caching support.
>>
>> I'm a formalisation person but I like document centric approaches.
>> One of the things I've said for a while is the lack of a WS-Contract
>> that enables the pre/post/invariants to be defined against a service
>> which would enable a document centric approach but apply a different
>> level of formalisation. Doing a "proxy" also means you can do
>> document centric between parties and then map to an easier to tool
>> solution internally.
>>
>>>
>>> The problems with provider re-use in SOAP / WS-* are sufficiently
>>> great that I do not know of any WSDL that is re-used across multiple
>>> providers. Perhaps you do? If so, I would like to know more -
>>> especially how the obstacles were overcome.
>>
>> OBIX is an example that has used both REST and SOAP
>> http://www.oasis- open.org/ committees/ tc_home.php? wg_abbrev=
>> obix#technical
>>
>> Being clear here I'm 100% with you on the application protocol pieces
>> and if REST is the under-pinning for us to formalise that layer then
>> lets do that. What I don't want to do is the plumbing, and I will
>> never think of the plumbing as important. What is important in B2B is
>> getting the next level formalised and making that formalisation easy
>> to use so people can work in collaborative value networks.
>>
>> Steve
>
> Excellent 
>
> A concrete example to discuss, chosen by yourself.
>
> I have gone off to the OBIX site and the related OASIS working group.
> Downloaded the technical bits. Had a gander. Smiled.
>
> Direct quotes from the OBIX Specification:
>
> "3.4 REST
> Many savvy readers may be thinking that objects identified with URIs
> and passed around as XML documents is starting to sound a lot like
> REST – and you would be correct. REST stands for REpresentational
> State Transfer and is an architectural style for web services that
> mimics how the World Wide Web works. The WWW is basically a big web
> of HTML documents all hyperlinked together using URIs. Likewise, oBIX
> is basically a big web of XML object documents hyperlinked together
> using URIs.
>
> REST is really more of a design style, than a specification. REST is
> resource centric as opposed to method centric - resources being oBIX
> objects. The methods actually used tend to be a very small fixed set
> of verbs used to work generically with all resources. In oBIX all
> network requests boil down to three request types:
> • Read: an object
> • Write: an object
> • Invoke: an operation"
> (lines 376 - 390)
>
> Further, the identified 'request types' are explicitly mapped to HTTP
> methods:
>
> "17 HTTP Binding
> The HTTP binding specifies a simple REST mapping of oBIX requests to
> HTTP. A read request is a simple HTTP GET, which means that you can
> simply read an object by typing its URI into your browser. Refer to
> "RFC 2616 Hypertext Transfer Protocol" for the full specification of
> HTTP 1.1.
> 17.1 Requests
> The following table summarizes how oBIX requests map to HTTP methods:
> oBIX Request HTTP Method Target
> Read GET Any object with an href
> Write PUT Any object with an href and writable=true
> Invoke POST Any op object
> The URI used for an HTTP request must map to the URI of the object
> being read, written, or invoked. Read requests use a simple HTTP GET
> and return the resulting oBIX document. Write and invoke are
> implemented with the PUT and POST methods respectively. The input is
> passed to the server as an oBIX document and the result is returned as
> an oBIX document.
>
> If the oBIX server processes a request, then it must return the
> resulting oBIX document with an HTTP status code of 200 OK. The 200
> status code must be used even if the request failed and the server is
> returning an err object as the result.
>
> The oBIX documents passed between client and servers should specify a
> MIME type of "text/xml" for the Content-Type HTTP header.
>
> Clients and servers must encode the oBIX document passed over the
> network using standard XML encoding rules. It is strongly recommended
> using UTF8 without a byte-order mark. If specified, the
> Content-Encoding HTTP header must match the XML encoding."
> (lines 2174 - 2195)
>
> Then, the specification provides a SOAP binding:
>
> "18 SOAP Binding
> The SOAP binding maps a SOAP operation to each of the three oBIX
> request types: read, write and invoke. Like the HTTP binding, read is
> supported by every object, write is supported by objects whose
> writable attribute is true, and invoke is only supported by
> operations. Inputs and outputs of each request are specific to the
> target object.
>
> Unlike the HTTP binding, requests are not accessed via the URI of the
> target object, but instead via the URI of the SOAP server with the
> object's URI encoded into the body of the SOAP envelope."
> (lines 2214 - 2222)
>
> So it would seem that OBIX have chosen exactly the path I have done in
> the past. Namely, specify a RESTful protocol and then provide a thin,
> optional, SOAP layer if people want to use it. The SOAP layer simply
> pipes XML documents back and forth, nothing more. The WSDL is
> docu-centric, rather than strongly typed WebMethods. An XML Schema is
> provided which can be used by either RESTful or SOAPy clients and
> servers. Exactly the pattern I described earlier.
>
> In this *real* example (provided by you), I fail to see why you would
> choose SOAP over REST.
>
> You still need to edit the WSDL:
>
> "Missing from the standard oBIX WSDL is the service element. This
> element binds a SOAP server instance with a network address. Each
> instance will have to provide its own services section of the WSDL
> document. The following is an example of the WSDL service element:
>
> <wsdl:service name="obix">
> <wsdl:port name="obixPort" binding="tns: obixSoapBinding" >
> <soap:address location="http://localhost/ obix/soap"/>
> </wsdl:port>
> </wsdl:service> "
> (lines 2264 - 2272)
>
> and if you add in any WS-* extensions such as WS-Security or
> WS-ReliableMessagin g, you will break any standard OBIX client proxy
> thus losing serendipitous re-use and requiring custom service
> integration.
>
> Oh, and intermediaries can't cache the "Read == GET" SOAP messages
> where they can with REST (provided the cache headers are set
> correctly, natch).
>
> What is more: the OBIX specification requires transport over HTTP -
> it's right there in the WSDL:
>
> <soap:binding style="document"
> transport="http://schemas. xmlsoap.org/ soap/http"/>
>
> In conclusion, from my cursory investigation, I would say that OBIX is
> a RESTful application protocol with a SOAP binding thrown in. What
> would have made it even better would be if OBIX had registered a MIME
> type of "application/ obix+xml" with the IANA.
>
> Regards,
> Alan Dean
>
> 

------------------------------------

Yahoo! Groups Links

<*> To visit your group on the web, go to:
    http://groups.yahoo.com/group/service-orientated-architecture/

<*> Your email settings:
    Individual Email | Traditional

<*> To change settings online go to:
    http://groups.yahoo.com/group/service-orientated-architecture/join
    (Yahoo! ID required)

<*> To change settings via email:
    mailto:service-orientated-architecture-digest <at> yahoogroups.com 
    mailto:service-orientated-architecture-fullfeatured <at> yahoogroups.com

<*> To unsubscribe from this group, send an email to:
    service-orientated-architecture-unsubscribe <at> yahoogroups.com

<*> Your use of Yahoo! Groups is subject to:
    http://docs.yahoo.com/info/terms/

Joe tells you when it ain't SOA

<<Are we having fun yet? I've talked plenty about companies
implementing JBOWS (Just a Bunch of Web Services) versus full-throttle
SOA, but is there a way to tell the difference?

Here are a few clues that you may be not quite as service-enabled as
you thought:

1) If a vendor tells you that you need to buy a suite to get to SOA…
it's not SOA. SOA means complete freedom from suites and integrated
packages.

2) If a vendor is trying to sell you hardware… it's not SOA. Enough said.

3) If you're sending out email inquiries or making phone calls to find
out what services are out there…. it's not SOA. Registries and
repositories are essential for service discovery and validation.

4) If nobody's sharing services… it's not SOA.  You can have all the
standardized services you can handle, but if it's services within
silos and nothing more, then it's services in silos.

5) If developers and integrators are not being incented or persuaded
to reuse services and interfaces… it's not SOA. Without incentives or
disincentives, they will keep building their own stuff.

6) If your CIO is clueless about what's going on with shared services…
it's not SOA.  To truly function, SOA-based infrastructures need to
cross organizational boundaries, and it takes someone at the
management level to bring these efforts together. Otherwise, again,
it's services in silos.

7) If the IT department is running the whole show… it's not SOA. Sorry
IT folks, but SOA needs to have the business heavily involved in the
effort as well.

8) If it only runs one operating system or platform… it's not SOA. SOA
has nothing to do with any single OS.

9) If it replicates a SOA in place elsewhere… it's not SOA. Every
company has unique business requirements and processes, and no two
SOAs will be alike.

10) If you have to rewrite or redesign code to make things run right…
it's not SOA. SOA is supposed to make rewrites unnecessary.

Qualifier: of course, there's no such thing as a perfect SOA — the
important thing is the fact a company is working toward service
orientation at some level.>>

You cna read Joe's blog at:

http://blogs.zdnet.com/service-oriented/?p=1140

Gervas

------------------------------------

Yahoo! Groups Links

<*> To visit your group on the web, go to:
    http://groups.yahoo.com/group/service-orientated-architecture/

<*> Your email settings:
    Individual Email | Traditional

<*> To change settings online go to:
    http://groups.yahoo.com/group/service-orientated-architecture/join
    (Yahoo! ID required)

<*> To change settings via email:
    mailto:service-orientated-architecture-digest@... 
    mailto:service-orientated-architecture-fullfeatured@...

<*> To unsubscribe from this group, send an email to:
    service-orientated-architecture-unsubscribe@...

<*> Your use of Yahoo! Groups is subject to:
    http://docs.yahoo.com/info/terms/