web services. 2 internet collection of physically interconnected computers. messages decomposed into...

Web Services

2

Internet

• Collection of physically interconnected computers.

• Messages decomposed into packets.

• Packets transmitted from source to destination using a store-and-forward technique.

• Routing algorithm directs packets to destination

3

Connection-Oriented Protocol

• Prior to the transmission a connection is established between source and destination. Each end maintains state information:– Sequence numbers, acknowledgements provide reliability

• guarantee that packet loss or duplication will be detected• packets arrive in the order they were sent. Destination address

– Buffers, flow control algorthm guarantee transmission rate appropriate to both sender and receiver

– Destination address– Characteristics of connection (e.g., out-of-band

messages)

• Problem: Overhead of setting up and taking down connection.

• Transmission Control Protocol (TCP) is connection-oriented.

4

Hypertext Transfer Protocol (HTTP)

• A high level protocol built on top of a TCP connection for exchanging messages (with arbitrary content)– Each (request) message from client to server is followed

by a (response) message from server to client.

– Facilitates the remote invocation of methods on the server.

• Web: A set of client and server processes on the Internet that communicate via HTTP.

5

Protocol Stack

HTTP

TCP

Link LevelProtocol

Protocol for tranmitting packets between neighboring nodes

Network LevelProtocol End-to-end protocol

Added features to supportclient interactions (reliabilityflow control, ..)

6

Clients and Servers

• Client: browser capable of displaying HTML pages.• Web Server: stores pages for distribution to clients.• Pages identified by Uniform Resource Locator (URL).

– <protocol>: protocol to be used to communicate with host.• Example - http, ftp

– <host_name>: Directory server translates this into the host’s internet address

• Example – www.cs.sunysb.edu becomes 155.233.123.532

– <file_name>: name of file on host.

<protocol>://<host_name>/<file_name>

8

HTTP Request Format

<header> = <field_name> : <value> CrLf<field_name> =

From | -- sender’s e-mail addressAccept | -- acceptable response formatsUser-Agent | -- identifies requestor’s programReferer | -- URL of document containing link

(for generating back links)If-Modified-Since | -- send document only if modified

since <value> (used with GET)Content-Type | -- type of data (application/soap+xml

for SOAP)Host | -- destination host…

<data> = ASCII text (default)

9

Request Methods

• GET – response body contains data identified by argument URL

• HEAD – response header describes data identified by argument URL (no response body)– Use: has page changed since last fetched?

• PUT – request body contains page to be stored at argument URL

10

Request Methods

• DELETE – delete data at argument URL• POST – request body contains a new object

to be placed subordinate to object at argument URL– Use: adding file to directory named by URL– Use: information entered by user on displayed

form

• Others ….

11

Simple Client/Server Interaction I

1. User supplies URL (clicks on link)

http://yourbusiness.com/~items/printers.html

2. Browser translates <host_name> (yourbusiness.com) to host internet address (using name server)

3. Browser assumes a port number of 80 for http (if no port is explicitly provided as part of <host_name> )

• Program at port 80 interprets http headers

12


4. Browser sets up TCP connection to yourbusiness.com at (host address, port number)

5. Browser sends http message GET ~items/printers.html HTTP/1.0 over connection

13

HTTP Response

Status line: <HTTP_version> <status_code> <reason_line> CrLf

Followed by: < header >*Followed by: <data>

14

HTTP Response

<status_code> = 3 digitsEx: 2xx -- success 4xx -- bad request from client 5xx -- server failed to fulfill valid request

<reason_line> = explanation for human reader<header> = <field_name> : <value> CrLf<field_name> = Allowed | -- methods supported by URL

Date | -- creation date for response Expires | -- expiration date for data Last-Modified | -- creation date for object Content-Length | Content-Type | ….

15


6. Server sends response message with requested html page to browser

7. Server releases TCP connection (stateless)8. Browser receives page and displays it

HTTP/1.0 200 Document followsDate: <date>Content-Type: text/htmlContent-Length: integerExpires: date

html document ~items/printers.html goes here

16

Simple Client/Server Interaction II

1. Page displayed by browser is a form with tag<FORM ACTION=“http://yourbusiness.com/servlets/placeorder”

METHOD=…>

2. Client fills input boxes3. If METHOD=GET, client sets up connection to

yourbusiness.com and sends http request:

Values in input boxes encoded as suffix. Since ACTION designates a servlet, server invokes placeorder

GET /servlets/placeorder?name1=value1&name2=value2 HTTP/1.0

17

Simple Client/Server Interaction II

4. If METHOD=POST, client sends http request invoking POST to yourbusiness.com; data contains values in input boxes.POST /servlets/placeorder HTTP/1.0Content-Type: text/……………….Content-Length: 54321

Printer=HP660&Name=Art+Bernstein

18

HyperText Transfer Protocol (HTTP 1.1)

1. Client sets up TCP connection to server named in URL

2. Client sends a request

3. Client receives a response

4. if (server has not disconnected) goto 2

else goto 1

19

Intermediaries

• Frequently browser does not communicate directly with server; communication passes through intermediate node.

• Intermediaries perform several functions.– Security - filter unwanted messages– Protocol conversion - browser and server don’t

speak same protocol– Caching of web pages

20

Intermediary I – Filter Based Firewall

• Provides security

• Client establishes connection to serve,– but proxy is on the path – proxy operates at the network level (form of

router) – proxy discards packets based on source or

destination host address/port number

21

Intermediary II – Proxy-Based Firewall

• Operates at the application level• Client establishes connection to proxy instead of server• Can analyze http header to create finer security policies

– Ex: particular web pages can only be sent to particular clients

• Can do caching of recently requested pages• Can do protocol conversion

– Ex: convert http to ftp (if server doesn’t understand http)

web services. 2 internet collection of physically interconnected computers. messages decomposed into...

Documents