Sun's Project Tango

Print-friendly Version

Sun's Java Web Services engineers are working with Microsoft's Windows Communication Foundation (WCF) engineers to ensure interoperability of enterprise features, such as security, reliable messaging, and atomic transactions. At Sun, we call this work "Project Tango" and like to think of Duke doing the dance. This is accomplished by implementing a number of WS-* specifications and holding plugfests where Sun and Microsoft engineers work face-to-face testing our implementations of those specifications.

From a functional point-of-view, the main interoperable features enabled by Project Tango are:

• Bootstrapping communication
• Optimizing communication
• Enabling reliability
• Enabling atomic transactions
• Securing communication

Project Tango is developed as open-source as part of the Glassfish Community, and it is delivered integrated into the latest Web Services stack there. Sun plans to release Web Services Interoperability Technology (WSIT) products based on this stack. The WSIT functionality is delivered as plugins to Sun's JAX-WS implementation, and the implementation code is here.

The rest of this article gives an overview of some of the features enabled by Project Tango.

When you want to use a web service, you must first find a URL to the service, then build consumer-side artifacts to communicate with the service. Finding the service is typically done either out-of-band or by looking up services in a registry. In Project Tango, once a service URL has been obtained, the URL is passed to wsimport. wsimport retrieves the metadata describing the service (for example, WSDL) and creates consumer proxies used to communicate with the service.

Project Tango relies on a newer version of JAX-WS's wsimport to use WS-Transfer and WS-MetadataExchange to obtain a service's WSDL from a WCF-based service. These specifications are used as an agreement between Sun and Microsoft on how to transfer the metadata, and don't need to concern the developer. All this is hidden under the covers by wsimport.

Project Tango provides two optimizations for communication between web service consumers and web service providers:

• Optimizing the wire format of SOAP messages.
• Security optimization.

The wire format is optimized by MTOM and XOP (built into the underlying JAX-WS platform). These specifications enable optimized binary encodings of XML content within SOAP 1.2 payloads. XML structure is preserved in a text-based "XML Information Set" manifest, while enabling the document's contents to be serialized to any binary encoding. These specifications enable encoding of XML content as MIME body parts and encapsulation of those parts -- along with the associated XML Information Set manifest -- within SOAP 1.2 envelopes. The specifications also describe how to encapsulate binary-encoded XML body parts directly within HTTP packets. The main point is that the size of the XML is reduced resulting in more optimal communication.

Security is optimized by implementing the WS-SecureConversation specification that enables a consumer and provider to establish a shared security context when a multiple message exchange is first initiated. Subsequent messages use derived session keys that increase the overall security while reducing the security processing overhead for each message.

Once again, a developer does not need to be concerned with the specifications. Project Tango uses these specifications to enable optimizations that work with WCF-based consumers and providers. When creating a Project Tango-based provider, enabling these optimizations is simply a checkbox feature when using the Project Tango module for the NetBeans IDE.

When consuming a web service, nothing special needs to be done - the optimizations are described in the service's metadata (for example, WSDL) and are handled automatically when creating the artifacts with wsimport.

Reliability, in Project Tango, ensures that the underlying system is able to recover from failures caused by messages that are lost or misordered in transit. Recovery is handled by the underlying system without involvement of consumer or provider application code.

Interoperable reliability is achieved by implementing the WS-ReliableMessaging specification. Turning on reliability, in Project Tango, when developing a web service, is simply a checkbox in a reliability panel in NetBeans as shown in the following screenshot.

Reliable Messaging Screenshot Click here for a larger image.

Atomic transactions are a well-known means to ensure that all operations within a transaction boundary succeed. If even one operation fails then all other operations are aborted. Transactional support has been available in Java Enterprise Edition for a number of years on IIOP invocations. Project Tango enables transactional support for web services.

Interoperable atomic transactions are enabled, in Project Tango, by implementing the WS-Coordination and WS-AtomicTransactions specifications.

Web services, until now, have relied on transport-based security such as SSL to provide point-to-point security. Project Tango implements the WS-Security specification to provide interoperable message content integrity and confidentiality, even in the presence of intermediaries. In other words, WS-Security does not rely on transport-based security. WS-Security is a security option provided by Project Tango besides existing transport security which still may be used. Project Tango also provides an implementation of the WS-Trust specification as a means for issuing, renewing, and validating security tokens used by WS-Security, and to establish and broker trust relationships.

A developer using WSIT products from Project Tango does not need to be knowledgeable of the above specifications nor to even be aware of their existence. The specifications are design documents that enable Project Tango and WCF to interoperate by implementing those specifications. In addition to the specifications listed above, interoperability with WCF is also using WS-Addressing (normalized web service addresses, enabling multiple transports to be used, besides HTTP), WS-Policy (configuration), WS-SecurityPolicy (policies that describe how messages are secured).

There is a NetBeans module that simplifies writing and configuring a web service application to use the new features enabled by Project Tango. A developer writes a web service application using JAX-WS. The developer then configures reliability, transactions and/or security by selecting appropriate settings. Here is an example security screen.

Security Screenshot Click here for a larger image.

In addition to daily interoperability testing between Sun sites and Microsoft sites, Sun engineers worked with Microsoft engineers in Redmond in November 2005 and again in March 2006 at interoperability "plugfests." This focused interoperability testing ensures that WCF-based products and Project Tango-based products will seamlessly work together out-of-the-box. Arun Gupta's blog is a good place to go to find more details about our work at the plugfests.

• You can pick up the latest Web Services stack which includes the WSIT technology at http://wsit.dev.java.net/.
• You can also contribute to the development of the source code for Project Tango at http://wsit.dev.java.net/ and to the base JAX-WS infrastructure at http://jax-ws.dev.java.net/. Both are part of the Glassfish community.
• TheAquarium is a good place to keep up-to-date on the Glassfish community.
• The author of this article, Harold Carr, maintains a blog with entries pertaining to Project Tango.