Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

Web services best practices

I want to do best practices now, not later. What functions should be done by the app server? What functions should be performed by dedicated Web service infrastructure? Does a Web service infrastructure exist?
The app server is the right place to implement:

  • Business logic
  • The inner layer of a multi-layer security scheme (typically basic authentication and access control based on abstract roles)
  • A generic Web service interface that can be reused.

    The Web service infrastructure is the right place to implement:

  • Common policies that cut across multiple Web services
  • Monitoring and audit trail creation for regulatory compliance
  • Service level monitoring and response policies for failure to hit service levels
  • The outer layers of a multi-layer security scheme (i.e. malicious attack scanning, mapping of specific requestors to abstract roles)
  • A requestor specific virtual service (known as a Service View) that maps the generic interface into the interface needed by that specific group of requestors. Service views will vary interface elements such as transport used (HTTP vs. MQ vs. TIBCO); standards level supported (for SOAP, WSDL, etc.); security standards/mechanisms (which authentication authority is used, are the messages WS-Security compliant or not); XML document schemas; etc. etc.
  • Dig Deeper on Topics Archive

    Have a question for an expert?

    Please add a title for your question

    Get answers from a TechTarget expert on whatever's puzzling you.

    You will be able to add details on the next page.

    Start the conversation

    Send me notifications when other members comment.

    Please create a username to comment.