Nature & Objectives:

The course presents to the participants today's Web Services benefits, weaknesses and threads.  Attendees will get to know that WSDL is not the only description language available in the wild and will get first hand experience working with WADL. Attendees will learn what challenges they may face while interoperating with .Net, Apache CXF, Axis2, Metro and other Web Services stacks, the security issues they need to be aware of and how to cope with them, Web Services Security standards, and the use of state-of-the-art tools to secure the Web Services while being compliant with international standards, securing a SOAP message using electronic certificates for signing and encryption, and the use of WS-Policy to offer authentication, integrity, confidentiality and non-repudiation.

Attendees will also learn to create Web Services using annotations, cater with interoperability problems between different Web Services stacks, create a Web Service that receives multiple requests in one method call, avoid Denial of Service (DoS) attack, the use of MTOM as a security defence tool, and to resolve lengthy background processes. Attendees will also learn to plan and build a scalable Web Services in order to respond to nowadays ever increasing service demand. Attendees will also learn to use cache proxy to maximize speed and security, invoke Spring beans and integrate them with Web Services. Last but not least, attendees will learn to unit test Web Services to minimize problems derived from patchings and changes introduced during an agile development phase.

Course Outline:

1. Introduction to Web Services
• A new kind of remote procedure call over the Internet
• Benefits and Threads
• RPC Style Web Service
• Document Style Web Service
• Wrapped Style Web Service
• Deep understanding of WSDL structure
• Differences between WSDL 1.1 and WSDL 2.0
• What WADL is and how it differs from WSDL 2.0
• Creating your first Web Services using WADL
• Manually create and change a WSDL file
• How to setup Eclipse to work with Apache Axis2, Apache CXF and Apache Wink
• Use Eclipse to manage WSDL
• Use Eclipse to validate a WSDL construct
• Use Eclipse to generate JavaBeans from XSD
2. Code Auto-Generation and Method Calling
• Using Apache CXF and Apache Axis2 to create client and server site code
• Creating a Wrapped Pattern Web Services with ease
• How to automate code generation with from WSDL and XSD
3. Interoperability Issues
• Understanding interoperability problems
• Knowing why, sometimes, Web Services created with .Net and Apache don't interoperate well
• Mastering the knowledge of how to create a Web Services server that accepts .Net call as well as other web services stacks
• Precautions to take while using MTOM/XOP to cope with performance and interoperability issues raised by SOAP with Attachments (SwA) and WS-Attachment
4. Monitoring
• Becoming proficient on how Web Services' request and response work
• Sniffing around the request and response messages
5. Planning and Design
• Knowing why sometimes Web Services may cause timeout and try to solve this problem
• Understand how a proxy for Web Service works; how to build one and what problems it may solve
• Knowing how REST Web Services work and how to make a request using Telnet
• Plan how to unit test the business logic and how to automate the test process
6. Advanced Features
• Get to know what a binding is and how use JAXB to maps between XML and Java construct
• Creating a Web Services that accepts more than one request in a single submission
• Learn how to create a Web Service using annotation
• Learn how to deal with faulty messages and how to efficiently combine multiple fault messages into one response message
• Learn how to visually create a WSDL file to handle multiple request and response messages
• Knowing how to cope with problems resulting from encoding binary files using Base64
• Learn how to integrate WS-Policy, WS-Security Policy and WS-Addressing into your Web Services
• How to easily integrate Spring Beans with Web Service
• Get to know what security standards exist for Web Services; what problems they may cause; and what solutions the open community has provided

Who Should Attend:

System Administrators / Engineers / Analysts, Technical Engineers / Managers, Data Security Officers, Information Security Analysts / Managers, IT Auditors and Managers, Security Consultants and System Integrators, Senior Programmers / CTOs. Participants are expected to have hands-on experience in Windows system, knowledge on Java programming language for stand alone as well as web-based applications.