Transcript Spring 2004 Presentation Team03 combined

B2B Web Services Application
Team 3
Muhammad Nadeem
Julian Tsisin
Pat Zamorski
Larry Perrone
Project Vision…
Tom App
http://malikans.net/B2BWebServices/TomApp/public/SearchBooks.aspx
John App
http://malikans.net/B2BWebServices/JohnApp/HomePage.aspx
Project Definition
Building a B2B application for electronic business
transactions between an Online Books Seller and a
Wholesale Book Supplier with the help of web services
invocation.
Benefits of B2B Web Service App
• Build application once
• Easy to continually add new wholesalers
or new on-line retailers
• Easy to add new products
Project Objectives
• Build B2B Web Services Application
• Tom’s Online Books: sell Books for which they do not own the
inventory
• John’s Wholesale Book Supplier has the inventory
• The online book stores use the B2B Web Services to sell
John’s Wholesale Books to the Public
Web Services Scenarios
• Search for books in John’s Wholesale
inventory
• Create order with John’s Wholesale
application
• Confirm order in Tom’s Online Books
application
• View additional customer orders detail
Application Architecture Outline:
• Use case Modeling
• Domain Model
• Implementation Model
– Database Design
– Database Tier
– Business Tier
– Exceptions and Logging
– Web Services
• Data Model
Software Specifications:
•
•
•
•
ASP.Net
VB.Net
SQL Server 2000
Microsoft Visio
Domain Model…
Domain model for John’s Wholesale
Domain model for Tom’s Book
Store
Use Case Model…
Use Cases: John's Wholesale Store
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
Information gathered for John's Wholesale Store:
Must be able to accept orders from other vendors, specifically Tom
Needs a way to manage his inventory of books
Needs to be able to view and process orders
Wants his inventory to be secured from unauthorized vendors
Wants to provide access to his book inventory to select vendors
By using extrapolation techniques we can identify the following
use cases for John’s application:
View books
Edit book
View/search orders, with filters for client and order status
Confirm order (flag an order as completed)
Web service use cases
Create orders
Get orders
Search books (filtered by ID, author name, book name, or availability)
Use Cases: John’s Wholesale
Books
John App
Add Books
Edit Books
View Books
View Orders
System Administrator
Confirm Orders
Manage Clients
Manage Web service
Security
Legend:
web services use
case
simple use case
Use Case Context Diagram
John’s Wholesale Book Supplier
Email confirming shipment
Delete Prev Next Reply/All Forward/Inline Open
Inbox
7 of 9
Date: Tue, 4 May 2004 19:05:18 -0700
From: <[email protected]> Add To Address Book
Subject: Your order at Tom's Books has been shipped
To: <[email protected]>
Dear: Patricia Zamorski
Your order with Tom's Books placed on 5/4/2004 2:04:43 PM has been confirmed and shipped. You will
receive your books within a few business days.
The following books have been shipped:
Book Ordered
Author
Angels and Demons Dan Brown
Use Cases: Tom’s Book Online
•
•
•
•
•
•
•
•
•
•
•
•
•
•
Tom's Online Book Store
Tom has slightly more involved requirements because of the customer
interaction. Information gathered for Tom's Online Book Store:
Requires a public area for regular surfers and a secured area for authorized users
Needs to be able to track customer accounts
Must be able to search John’s database for books
Needs a customer login screen
Needs a shopping cart mechanism to let customers add/remove books from their
cart
Needs an area to let customers review their cart and place an order
Needs a way to place orders in John’s application
Wants to let customers view the orders they’ve placed
Needs to have a way to let John’s application notify his system automatically on
order completion
Wants to notify customers by e-mail when their order is completed
Wants a user friendly error page
Wants to display to customers the number of items in their cart in an area that’s
always viewable to the customer
Use Cases: Tom’s Book Online
•
•
•
•
•
•
•
•
•
•
•
•
•
Wants a user friendly error page
Wants to display to customers the number of items in their cart in
an area that’s always viewable to the customer
Again, by using our extrapolation techniques we can
decipher the following use cases for Tom’s application:
Search books (filter by book name, author, or availability)
Add book to cart
Remove book from cart
View shopping cart (Secured)
Create order (Secured)
View customer orders (Secured)
Create customer
Log in customer
Web service use cases
Confirm order
Use Cases: Tom’s Online Book
Store
Tom App
Search Books
Login in Customers
Create Customers
View Customer Order
Customer
Remove Book From
Cart
Add Books To Cart
Remove Books From
cart
View Shopping cart
Create Order
Manage Security
System Administrator
Manage Web Service
Security
Manage Customers
Legend:
web services use
case
simple use case
Use Case Context Diagram
secured use case
Tom’s Online Bookstore Home Page
Email Notification of Purchase
Delete Prev Next Reply/All
Forward/Inline
Open
Inbox
4 of 9
Date: Tue, 4 May 2004 14:02:07 -0700
From: <[email protected]> Add To Address Book
Subject: Your order at Tom's Books has been received
To: <[email protected]>
Dear: Patricia Zamorski
Thank you for your order with Tom's Books. You will be
notified when your order is shipped
Web Services Use Cases
•
•
•
•
•
•
•
•
•
•
•
•
•
Use Case – Search Books
A customer enters Book Name, Author name, and select AvailabilityID [In Stock,
Back Order].
Listing of books with Author Name and Price is shown for the customer.
Use Case – Create Order
Pre Condition:
– A customer has successfully login.
– The customer has added items in shopping cart.
Customer clicks Make Order button. The system generates OrderID.
It sends asynchronous call to JohnWS.
JohnWS creates order data in John Database.
The Customer receives notification about order creation.
Use Case – Confirm Order
John App administrator search orders by Clients Name and clicks Confirm Order
button.
System calls TomWS that updates order status in Tom Database.
TomWS sends notification about order confirmation to JohnApp.
Implementation Model…
The n-tier architecture model
• We used the following product
technologies to build our final application:
• Visual Studio .NET 2002
• SQL Server 2000.
• The application framework employed an
n-tier architecture model, a commonly
used model in more intricate enterprise
systems. A simple diagram of this model is
as below in figure.
Implementation Model
Exception Handling
• One of the most important aspects of
proper system design is exception
handling. Each layer is represented by a
tier in our framework.
• We have a database layer, a business
layer, an ASPX layer, and a Web service
layer.
• By implementing a custom exception class
for each layer, we can easily identify and
trace our exceptions at any point in our
application.
• The figure diagrams the exception flow in
Exception Handling
Web Services Architecture
Sequence Diagram: Search Books
•A customer enters Book Name, Author name, and select AvailabilityID.
• Listing of books with Author Name and Price is shown for the customer.
Sequence Diagram: Create Order
•Customer clicks Make Order button. The system generates OrderID.
• It sends asynchronous call to JohnWS.
• JohnWS creates order data in John Database.
• The Customer receives notification about order creation.
Sequence Diagram: Confirm Order
•Administrator search orders by Clients Name and clicks Confirm Order
button.
• System calls TomWS that updates order status in Tom Database.
• TomWS sends notification about order confirmation to JohnApp.
Web Service Security
Two techniques for Web Services Security
First Technique
• To secure Web services, we have implemented a
custom SOAP header, which is essentially an
inner class definition with some public properties
that get wrapped into the SOAP envelope during
a Web method call.
• By defining properties of this SOAP header
class, we have set properties that allowed the
Web service to determine if the consumer is in
fact authorized to access the application.
Web Service Security
Second Technique
• The second security measure we have
implemented is the lock down of specific
protocols, thus preventing the Web service from
being accessed in certain ways.
• By removing the HttpPost, HttpGet, and
Documentation protocols, we have prevented the
invocation of our Web services via Post and Get,
and also remove the ability to generate WSDL
documents, which could allow unauthorized
users to generate Web references and proxy
classes for our Web services.
Web Services Security
Following figure depicts the protocol policies for John's application.
Data Model…
John App Data Tables
• Client: Table to store clients that are capable of placing
orders with John.
• Order: Stores the details about placed orders.
• Book: Stores Johns inventory of books.
• Availability: Support table storing a list of availabilities.
This table was added by normalizing the Book table and
removing the redundant availability text field and replacing
it with an optimized foreign key integer field to another
table.
• Order_Book_Rel: Many-to-many relationship table
between books and orders. This is required because many
books can be tied to many orders. By simply adding book
IDs and order IDs to this table we remove all redundancy
required to tie orders to books.
ERD for John’s Wholesale
Tom’s App Data Tables
• Order. Used as a singular entity to map
an entire order to a customer. The details
of the order are stored in John's
application.
• Customer. Stores a list of customers who
can log into Tom's application and place
orders.
ERD for Tom’s Online Books
Future Enhancements to
Application
• Add additional wholesalers
• Add additional on-line book sellers
(The Julian Store)
• Link to eBay and other sites for used
books
• Offer customer choice of new or used
books
• Offer customers choice of which
wholesaler to buy the book from (such as
Amazon.com vs. Barnes & Noble)
• Offer new products such as DVD’s &
CD’s
Next Release In Progress:
• Web Services are platform independent
• Therefore, we planned to add a second
on-line retailer – The Julian Store – to be
a Cold Fusion application
• Websites were built
• Call to Web Services not complete at this
time
Cold Fusion: Future Addition
Cold Fusion: Future Addition
Cold Fusion: Future Addition
Cold Fusion: Future Addition
Why .NET?
• From .NET vs. J2EE article
• Written by Gerry Miller, CTO for
Microsoft’s U.S. Central Region
• Communications of the ACM, June
2003/Vol. 46, No. 6
J2EE Shortcomings per Microsoft:
• J2EE has no support for Web Services
• J2EE spec will not contain any native
support for Web services until J2EE 1.4,
which was delayed
• With J2EE either need to use extensions
to J2EE that are not part of the
specification or doing lots of XML parsing
in code
• J2EE is not an open specification – final
specs can only be approved by Sun
.NET Benefits per Microsoft
• Comprised of Common Language
Interface (CLI) governed by standards
body, European Computer Manufacturing
Association (ECMA)
• Microsoft Visual Studio .NET is hailed as
the best development suite on the market
• Allows enterprises to define templates for
consistency across all dev projects
• Allows architects to use graphical design
tools to generate program documentation
.NET Benefits per Microsoft:
• Provides developers with wide choice of
languages and features
• Provides testers a rich debugging
environment to monitor end-to-end
program flow
• 85% less code to be written compared to
J2EE
• Therefore can deliver application faster
• .NET Framework Supports almost 30
languages
Java Pet Shop Study
• Conducted by The Middleware Company
(TMC)
• Conclusions:
– .NET requires 1/5th less code as J2EE
– supports 50-600% more users
(depending on the app server)
– offers nearly twice the transactions per
second on a significantly less expensive
platform with no errors
Our Project Considerations:
• Team is more experienced with .Net
• The software is free for Pace students