Chapter 6. Securing Web Services
Web services are a collection of Internet technologies that expose application functions on the Web and allow machines in different locations to talk to one another. Applications use web services to share and process information—making federated applications. The basic idea is to promote component driven applications and component reuse. You chose what services you are going to provide and build applications that use those services. To best promote the reusability of these services, things must be built similarly.
Hooking different applications together isn't a new idea. Earlier formats such as EDI, RMI, Corba, and RPC have all tried to step up and ride this bull. Each failed to get widespread industry acceptance largely due to their complexity and lack of easy integration. Microsoft's decision to go with XML and SOAP for its RPC solution probably served as the main spark that lit web services—for then everyone finally saw common ground.
Where web services differ from previous attempts is in their standardization on XML and their transport over HTTP. XML provides a standard by which these services can communicate and allows the services to be transparent and readable. Programs can walk up to one another and discover each other's functionality easily without having to know specific implementation details. HTTP provides a common transport protocol that is usually available (open) between firewalls.
The truth is the paint is not entirely dry on this stuff ...
Get Securing Ajax Applications now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.