Conga, SSL and WebServices
Download
Report
Transcript Conga, SSL and WebServices
Dyalog’08
Conga, SSL and
WebServices
Morten Kromberg
Dyalog’08 - Elsinore
Agenda
• Demo / Introduction to:
• Conga – for remote communication
• Secure Communication using SSL/TLS
• The ”Stand Alone Web Service” (SAWS)
Conga, SSL & WebServices
Dyalog’08
3
Conga - Introduction
• Replaces TCPSocket Objects as the PREFERRED
tool for communications
• TCPSocket Objects are very general and close to the
TCP Protocol
• Most APL applications only use a small subset of the
features of TCP
• APL’ers have trouble opening & closing connections
and handling errors ”correctly”
• ⎕DQ makes TCPSockets interfere with GUI and
multi-tier applications are very hard to code
Conga, SSL & WebServices
Dyalog’08
4
Demo: Intro to Conga
Conga, SSL & WebServices
Dyalog’08 - Elsinore
5
Conga, SSL & WebServices
Dyalog’08 - Elsinore
6
Conga - Summary
• Easier to use than TCPSocket objects: More
reliable applications
• Supports multi-tier, multi-threaded
applications very well
• Supports ”Secure” Communications
• Many coding samples: Web Client, Web
Server, RPC Server, FTP Client, Time Of Day
Server – including Secure Samples
Conga, SSL & WebServices
Dyalog’08
7
Secure Communication
• From version 12.0.3 (August 2008), Conga
supports secure communication via TCP/IP
using SSL/TLS:
• Messages can only be read by the intended
recipient
• The identity of your ”Peer” can be verified
• Messages cannot be modified en route
Conga, SSL & WebServices
Dyalog’08
8
SSL / TLS
• ”Transport Layer Security” (TLS) replaces old
term ”Secure Socket Layer” (SSL)
• Each user (or ”endpoint”) needs:
– A public certificate
– A private key
– And a collection to ”root certificates” from
”certificate authorities”
Conga, SSL & WebServices
Dyalog’08
9
TLS / SSL – How it works?
• You send your Public Certificate
to
everyone you want to talk to
• You keep your Private Key
Secret!
• Information encoded with one of the above
can be decoded using the other
• Allows encrypted communication which
cannot be tampered with or falsified
• (If you trust the ”Certificate Authorities”)
Conga, SSL & WebServices
Dyalog’08
10
Certificate Authorities
• A User Certificate is ”signed” using the private
key of a Certificate Authority (CA)
• Each CA issues a ”Root Certificate” which
can be used to validate
a User Certificate
• Companies can also
issue own certs for
internal use
Conga, SSL & WebServices
Dyalog’08
11
Using TLS from APL ...
• Any sufficiently advanced technology is
indistinguishable from magic.
... Arthur C Clarke (1961)
• In other words: It’s easy
... Let’s take a look
Conga, SSL & WebServices
Dyalog’08
12
Secure Demo
Migrating to Unicode
Dyalog’08 - Elsinore
13
TLS Summary
• With Conga, Dyalog applications can easily use
secure services over the network
• Web Services or Web Servers written in APL
can also be secured
Conga, SSL & WebServices
Dyalog’08
14
Service Oriented APL
• Many APL applications are well suited to
being converted into ”services”
• This makes them very easy to integrate into
almost any modern application
• Can make IT managers and users of other
languages more comfortable about APL
• We believe that SOA opens up many new
avenues for APL-based services
• (using other peoples services is also nice )
Conga, SSL & WebServices
Dyalog’08
15
Web Services
• The most widely used mechanism for
implementing ”SOA”
• Supported by Microsoft, Unixes, Mainframes
– just about any web development tool
• Wikipedia: ”Communication over a network
using XML messages that follow the SOAP
standard”
Conga, SSL & WebServices
Dyalog’08
16
WS Protocols: SOAP
• SOAP: ”Simple” Object Access Protocol (not)
•
<?xml version="1.0"?>
<SOAP-ENV:Envelope SOAP-ENV:
encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"
xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/"
xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<SOAP-ENV:Body>
<GetStats xmlns="http://localhost/MyWebService/">
<Input>1 2 3 4 4</Input>
</GetStats>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>
Conga, SSL & WebServices
Dyalog’08
17
WS Protocols: WSDL
• Web Service Description Language
SOA
BAA AGM 2008
18
Introducing SAWS
• Stand-Alone WebService Framework
• Our goal is to make it VERY easy for APL
users to use AND provide ”SOA” components
• Anyone who is able to write an APL function
should be able to:
– Call existing Web Services
– Publish APL functions as Web Services
• SAWS manages the SOAP and WSDL
Conga, SSL & WebServices
Dyalog’08
19
Calling WebSevices
• More and more Public Web Services are
available on the internet
• The number is growing rapidly
• You can Google for them...
Conga, SSL & WebServices
Dyalog’08
20
Google your way...
Conga, SSL & WebServices
BAA AGM 2008, London
21
Weather Web Service
Enterprise Applications
Dyalog’07
22
Calling Weather
Conga, SSL & WebServices
Dyalog’08
23
Providing Web Services
• Any APL Application can be turned into
a WebService using SAWS
• You should provide information that
SAWS can use to build the WSDL
• SAWS handles the rest
Conga, SSL & WebServices
Dyalog’08
24
MyWebService
Conga, SSL & WebServices
Dyalog’08
25
StatCalc fn
Conga, SSL & WebServices
Dyalog’08
26
GetStats fn
SOA
BAA AGM 2008
27
BuildAPI fn
Conga, SSL & WebServices
Dyalog’08
28
Calling GetStats
Conga, SSL & WebServices
BAA AGM 2008
29
GetStats from C#
Conga, SSL & WebServices
Dyalog’08
30
GetStats from C#
Conga, SSL & WebServices
Dyalog’08
31
SAWS TRACE
SOA
BAA AGM 2008
32
SAWS Summary
• Provides complete support for
”consuming” and ”providing” Web
Services
• ... without requiring installation of
infrastructure components like Microsoft
IIS, Apache, IBM WebSphere
• SAWS also exposes a web page as
documentation
Conga, SSL & WebServices
Dyalog’08
33
SAWS Web Page
Conga, SSL & WebServices
Dyalog’08
34
Summary
• ”Service Oriented Architectures” can help APL
integrate with most IT infrastructures
• ”Stand-alone” web servers and services are
very easier to test AND deploy
• Now they are easily secured, they may be all
you need for many applications
• (In some situations, there will be still be good
reasons to integrate with IIS / Apache etc)
Conga, SSL & WebServices
Dyalog’08
35
Conclusion
• Conga and the SAWS framework
provide new, easy-to-use tools for ”webenabling” Dyalog Applicatons
• Conga is already included with v12.0.3.
• SAWS is available now and will be
bundled with v12.1 in 2009
Migrating to Unicode
Dyalog’08 - Elsinore
36