Presentation is loading. Please wait.

Presentation is loading. Please wait.

IST346:  Web Services. Today’s Agenda  Learn the basics of how the Web works  Understand various web service architectures  Address scaling, security,

Published byConstance Lucas Modified over 9 years ago

Similar presentations

Presentation on theme: "IST346:  Web Services. Today’s Agenda  Learn the basics of how the Web works  Understand various web service architectures  Address scaling, security,"— Presentation transcript:

1 IST346:  Web Services

2 Today’s Agenda  Learn the basics of how the Web works  Understand various web service architectures  Address scaling, security, and change management issues with web architectures

3 Web Building Blocks HTTP HTML / XHTML Browser Web Server URL / URI Platform ASP /PHP /JSP AJAX Micro- formats

4 The Web at work Your computer IP: 192.168.0.55 Web Server IP: 128.230.182.251 Browser: Connect Server File containing HTML Rendered HTML Send: HTTP GET /ist346/ Recv: HTTP Response Stream URL

5 Web Service Architectures Static Dynamic CGI / Platform Dynamic Database- Driven HTTP GET /index.html HTTP Response Stream HTTP GET /index.php HTTP Response Stream HTTP GET /index.php HTTP Response Stream TYPEServer Interactions

6 Web Scalability –Vertical (Scale Up) Clients HTTP Request HTTP Response Web Server DB Server DB Calls DATA

7 Web Scalability – Horizontal (Scale Out) Load- Balancer * Clients HTTP Request Server 1 Server 2 HTTP Response * Round-Robin DNS, or a reverse Proxy Data Replication

8 Web Scalability –Up and Out Clients HTTP Request HTTP Response Web Server 1Db Server 1 Web Server 4 Db Server 2 Web Server 2 Web Server 3 Data Replication Load- Balancer *

9 Scaling  Don’t underestimate the importance of scalability  Scaling up is easier, but limiting.  You might not need to scale right away…  But you should always consider it when deploying a service.  Factor it into the equation from the beginning.

10 Web Platforms – Everyone’s got one  Java  Apache / Tomcat / JSP  Microsoft  IIS / ASP.NET  Linux  Apache / PHP  Ruby on Rails  Python  Classic Perl / CGI

11 Web Service Security  Since virtually everyone can access your service, security is important.  Rule #1 ALWAYS assume the worst.  There are many layers of security, use them all:  Secure communication with SSL (Secure Sockets Layer)  Protect the server by service Hardening on the Web server. Only run the services that are required – nothing more.  Protect the web service itself  Secure the application running over the web

12 SSL – Secure Sockets Layer  Encrypts traffic over the wire  Protects against “Man in the Middle” attacks  Orgs purchase the SSL certificate from an Authority  Browsers “Trust” the Authority  Moral:  Just because a site uses SSL doesn’t mean its “secure” it only means the traffic between you and the server is encrypted!!!!

13 Web Application Security  Limit the amount of damage someone can do.  Validate all inputs  Automate data access – generic data access should be avoided  Don’t give out more permissions than are required  Use Logging

14 Web Content Management  Change management  Update – new material  Change – alter existing material  Fix – correct existing material  Production websites at least should have:  Prod - obvious  Dev/Draft – where new changes are first made  Test/QA – final proofing before the rollout to prod

15 Questions?

Download ppt "IST346:  Web Services. Today’s Agenda  Learn the basics of how the Web works  Understand various web service architectures  Address scaling, security,"

Similar presentations

Welcome to Middleware Joseph Amrithraj

Welcome to Middleware Joseph Amrithraj
Lecture 6/2/12. Forms and PHP The PHP $_GET and $_POST variables are used to retrieve information from forms, like user input When dealing with HTML forms.

Lecture 6/2/12. Forms and PHP The PHP $_GET and $_POST variables are used to retrieve information from forms, like user input When dealing with HTML forms.
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 22 World Wide Web and HTTP.

TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 22 World Wide Web and HTTP.
 2004 Prentice Hall, Inc. All rights reserved. Chapter 21 – Web Servers (IIS and Apache) Outline 21.1 Introduction 21.2 HTTP Request Types 21.3 System.

 2004 Prentice Hall, Inc. All rights reserved. Chapter 21 – Web Servers (IIS and Apache) Outline 21.1 Introduction 21.2 HTTP Request Types 21.3 System.
 2003 Prentice Hall, Inc. All rights reserved. Chapter 21 – Web Servers (IIS and Apache) Outline 21.1 Introduction 21.2 HTTP Request Types 21.3 System.

 2003 Prentice Hall, Inc. All rights reserved. Chapter 21 – Web Servers (IIS and Apache) Outline 21.1 Introduction 21.2 HTTP Request Types 21.3 System.
DT211/3 Internet Application Development Active Server Pages & IIS Web server.

DT211/3 Internet Application Development Active Server Pages & IIS Web server.
Web Communication Client attempts to “pull” information from server – http message sent across Internet by TCP/IP* – packet switching used to route message.

Web Communication Client attempts to “pull” information from server – http message sent across Internet by TCP/IP* – packet switching used to route message.
Server-Side vs. Client-Side Scripting Languages

Server-Side vs. Client-Side Scripting Languages
Introduction to ASP.NET. 2 © UW Business School, University of Washington 2004 Outline Static vs. Dynamic Web Pages.NET Framework Installing ASP.NET First.

Introduction to ASP.NET. 2 © UW Business School, University of Washington 2004 Outline Static vs. Dynamic Web Pages.NET Framework Installing ASP.NET First.
Creating WordPress Websites. Creating a site on your computer Local server Local WordPress installation Setting Up Dreamweaver.

Creating WordPress Websites. Creating a site on your computer Local server Local WordPress installation Setting Up Dreamweaver.
Multiple Tiers in Action

Multiple Tiers in Action
Introduction to Web Based Application. Web-based application TCP/IP (HTTP) protocol Using WWW technology & software Distributed environment.

Introduction to Web Based Application. Web-based application TCP/IP (HTTP) protocol Using WWW technology & software Distributed environment.
Copyright © 2002 Pearson Education, Inc. Slide 4-1 Choosing the Hardware for an E-commerce Site  Hardware platform  Refers to all the underlying computing.

Copyright © 2002 Pearson Education, Inc. Slide 4-1 Choosing the Hardware for an E-commerce Site  Hardware platform  Refers to all the underlying computing.
Apache Tomcat Server Typical html Request/Response cycle

Apache Tomcat Server Typical html Request/Response cycle
1 Software Testing and Quality Assurance Lecture 32 – SWE 205 Course Objective: Basics of Programming Languages & Software Construction Techniques.

1 Software Testing and Quality Assurance Lecture 32 – SWE 205 Course Objective: Basics of Programming Languages & Software Construction Techniques.
Website Development with PHP and MySQL Introduction.

Website Development with PHP and MySQL Introduction.
How Clients and Servers Work Together. Objectives Learn about the interaction of clients and servers Explore the features and functions of Web servers.

How Clients and Servers Work Together. Objectives Learn about the interaction of clients and servers Explore the features and functions of Web servers.
SE-2840 Dr. Mark L. Hornick1 Java Servlet-based web apps Servlet Architecture.

SE-2840 Dr. Mark L. Hornick1 Java Servlet-based web apps Servlet Architecture.
269200 Web Programming Language Dr. Ken Cosh Week 1 (Introduction)

Web Programming Language Dr. Ken Cosh Week 1 (Introduction)
Christopher M. Pascucci Basic Structural Concepts of.NET Browser – Server Interaction.

Christopher M. Pascucci Basic Structural Concepts of.NET Browser – Server Interaction.

Similar presentations

Ads by Google