A BPEL process can interact with internal and/or external Web services, and needs to specify the location (endpoints) of the WSDL (interface) files of these services. This physical binding is normally provided by a BPEL process's configuration file accessible to a BPEL orchestration server. The WSDL files provide, among other things, the description of the operations that can be invoked by the BPEL process on the respective Web services.
With BPEL, it doesn't really matter whether the services are hosted by a Grand Central or by the partner companies themselves - the core architecture remains the same. A service hosting company just simplifies and localizes some of the firewall and security issues.
Note that there are several additional issues which are introduced once BPEL is used to orchestrate services hosted by trading partners or hosting companies. These issues include firewalls, security and asynchronous services and call for using a standard like WS-Security for encrypting, digitally signing and authenticating your messages in such a way that they can pass through firewalls.
To properly deal with firewalls, problems can be avoided by setting up a VPN (or dedicated link) between the BPEL process host and the service hosts or a protocol such as HTTPS that will pass through firewalls securely. Note that with asynchronous services that require callbacks, the company hosting the BPEL process needs to enable the callbacks to pass through the firewall as well, using the same protocols/standards mentioned.
Dig deeper on BPEL
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.