News Stay informed about the latest enterprise technology news and product updates.

Forrester narrows list of specs for Web services

The number of standards and specifications for Web services messaging may seem overwhelming, but Forrester analyst Randy Heffner has narrowed it down to a few for tech conservatives and a few more for the more daring.

Web services developers can spend time keeping track of all the standards floating around or they can devote their time and energy to the few they need for the project they are working on, which is the advice analyst Randy Heffner offers.

The key way to understand the growth of additional specifications is to view what SOAP and WSDL give you as a core messaging model.
Randy Heffner
Vice PresidentForrester Research, Inc.

Heffner, vice president, Forrester Research, Inc., has expended a lot of time the past few months studying SOA and Web services specs and surveying developers working with them and has concluded that conservative adopters working on core connectivity need little more than SOAP and WSDL. He also has recommendations for those he labels more aggressive, but he warns them to look before they leap into a standard or spec where there is little or no evidence that it will actually work in an application.

"What it really comes down to is how conservative are you as a technology adopter and what immediate business value can you get from any of these specs," he said. "The more conservative you are then the fewer of these specs you actually take a look at. If you're more aggressive then you better be building budgets for prototyping and testing and proving these things out before you commit to using them."

Most Web services developers will have to work out a balance between those two extremes, he said. The standards and specifications for conservatives and those for the more aggressive are identified in his Forrester report titled, "Web Services Specifications: Core Web Services."

For the conservative developer, the list is short:

  • SOAP 1.1
  • WSDL 1.1
  • SOAP Messages with Attachments
  • WS-I Basic Profile 1.0
  • WS-I Basic Profile 1.1

In the report he notes: "Only SOAP 1.1 and WSDL 1.1 have near-universal support, so ask your vendors before using any other specifications."

The list for the more aggressive, adds two more specs:

  • SOAP 1.2
  • WS-I Attachments Profile 1.0

With this list, Heffner issues the caveat that at the end of 2006 only about half the vendors supported SOAP 1.2 and support for WS-I Attachments Profile 1.0 was less than that.

While SOAP and WSDL hark back to the early days of Web services, Heffner said they provide the basic foundation on which myriad other standards, proposed standards and vendor specifications rest.

"The key way to understand the growth of additional specifications is to view what SOAP and WSDL give you as a core messaging model," he explained. "If you've got two end points and they both support SOAP, and the development environment supports WSDL, you get a basic connectivity. All the other specs are about improving the quality of service of that basic connection."

Beyond keeping up with advances in SOAP and WSDL at W3C, he recommends that developers keep an eye on what is happening at Web Services Interoperability Organization (WS-I) and not worry too much about following the goings on with other standards bodies or vendor groups.

For more information
WSDL Learning Guide

SOAP with Attachments API for Java (SAAJ)

"The place to really watch, if you're a conservative watcher and you don't want to watch much in the industry about these emerging specifications is WS-I," he said. "It's putting together answers to technical questions that people need answered if they want things to work together for Web services interoperability."

As he notes in his report, the technological conservatives will find much of what they need in the WS-I Basic Profile. For the more aggressive developer needing to put attachments on top of SOAP, Heffner recommends, the WS-I Attachment Profile.

Moving beyond messaging to security, he is a proponent of the WS-I Security profile, along with the OASIS WS-Security standard. "It's a very important standard," he said. "It's been around for a while. It's pretty stable."

As for the myriad of other SOA and Web services specs floating around, Heffner suggests that wait-and-see is the best policy.

Dig Deeper on Topics Archive

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.