Ask the Expert

Web services best practices

I want to do best practices now, not later. What functions should be done by the app server? What functions should be performed by dedicated Web service infrastructure? Does a Web service infrastructure exist?

    Requires Free Membership to View

The app server is the right place to implement:

  • Business logic
  • The inner layer of a multi-layer security scheme (typically basic authentication and access control based on abstract roles)
  • A generic Web service interface that can be reused.

    The Web service infrastructure is the right place to implement:

  • Common policies that cut across multiple Web services
  • Monitoring and audit trail creation for regulatory compliance
  • Service level monitoring and response policies for failure to hit service levels
  • The outer layers of a multi-layer security scheme (i.e. malicious attack scanning, mapping of specific requestors to abstract roles)
  • A requestor specific virtual service (known as a Service View) that maps the generic interface into the interface needed by that specific group of requestors. Service views will vary interface elements such as transport used (HTTP vs. MQ vs. TIBCO); standards level supported (for SOAP, WSDL, etc.); security standards/mechanisms (which authentication authority is used, are the messages WS-Security compliant or not); XML document schemas; etc. etc.
  • This was first published in July 2004

    There are Comments. Add yours.

    TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

    REGISTER or login:

    Forgot Password?
    By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
    Sort by: OldestNewest

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to: