Richard Seroter's Architecture Musings

Category: BizTalk

  • Go Buy The Book “Professional BizTalk Server 2006”

    I recently purchased a copy of Darren Jefford’s new Professional BizTalk Server 2006 book and am quite pleased with the material.

    I had the pleasure of checking this book out during its construction, and must admit, my first thought during that review was “wow, this is great … but it seems to be a bit of a brain dump.” It seemed like lots of great topics and points, but I didn’t grasp the continuity (probably because I was skipping through chapters, and, reading them out of order). Now that I’m holding the printed copy, I am REALLY impressed with the organization and content. I love the other BizTalk 2006 books out there, but this is now my favorite. I just bought an armful of copies for my team.

    So what’s good about it? My favorite things were:

    • Most thorough investigation of adapters and specific adapter settings and properties that I’ve seen
    • Excellent content on BAM that provided me with a few “lightbulb” moments
    • The most printed material in existence on the Business Rules Engine
    • Outstanding perspectives and details on testing (unit/integration/perf , etc) and tools
    • Strong details on performance tuning (complimentary to the Pro BizTalk 2006 material), and low-latency tuning
    • Sufficient depth on BizTalk Administration, still the most criminally under-documented part of the BizTalk lifecycle

    Great stuff. Darren (and Kevin and Ewan) should be very proud of this effort. This book is simply required reading for any BizTalk architect.

    Technorati Tags:

  • Delayed Validation of Web Service Input to BizTalk

    Back on the old blog, I posted about creating web services for BizTalk that accepted generic XML. In one of my current projects, a similar scenario came up. We have a WSDL that we must conform to, but wanted to accept generic content and validate AFTER the message reaches BizTalk.

    Our SAP system will publish messages in real-time to BizTalk. The WSDL for the service SAP will consume is already defined. So, we built a web service for BizTalk (using the Web Services Publishing Wizard) that conforms to that WSDL. When data comes into the service, BizTalk routes it around to all interested parties. The SOAP request looks like this …

    But what if the data is structurally incorrect? Because the auto-generated web service serializes the SOAP input into a strongly typed object, a request with an invalid structure never reaches the code that sends the payload to BizTalk. The serialization into the type fails, no exception is thrown (because the service call is asynchronous from SAP), and there are no exceptions in the Event Log or within BizTalk. Yikes! The only proof that the service was even called exists in the [IIS 6.0] web server logs. I can see here that a POST was made, but nowhere else can I verify that a connection was attempted.

    So I don’t like that. I want an audit trail that minimally shows me that BizTalk received the message. So, if we change the service input to something more generic (while still conforming to the WSDL), we can get the message into BizTalk and then validate it. How do you make the service more generic? I took the auto-generated BizTalk web service, and modified the method (changes in bold):

    public void ProcessModifySAPVendor([System.Xml.Serialization.XmlAnyElement]System.Xml.XmlElement part)
    {System.Collections.ArrayList inHeaders = null;
    System.Collections.ArrayList inoutHeaders = null;
    System.Collections.ArrayList inoutHeaderResponses = null;
    System.Collections.ArrayList outHeaderResponses = null;
    System.Web.Services.Protocols.SoapUnknownHeader[] unknownHeaderResponses = null;

    // Parameter information
    object[] invokeParams = new object[] {part};
    Microsoft.BizTalk.WebServices.ServerProxy.ParamInfo[] inParamInfos =
    new Microsoft.BizTalk.WebServices.ServerProxy.ParamInfo[]
    {
    new Microsoft.BizTalk.WebServices.ServerProxy.ParamInfo(
    typeof(System.Xml.XmlElement)
    , “part”)
    };

    Microsoft.BizTalk.WebServices.ServerProxy.ParamInfo[] outParamInfos = null;
    string bodyTypeAssemblyQualifiedName = null;
    // BizTalk invocation
    this.Invoke(“ProcessModifySAPVendor”,
    invokeParams, inParamInfos, outParamInfos, 0,
    bodyTypeAssemblyQualifiedName, inHeaders,
    inoutHeaders, out inoutHeaderResponses,
    out outHeaderResponses, null, null, null,
    out unknownHeaderResponses, true, false);
    }

    If you want to see more about the XmlAnyElement, check out this article. So once I modify my service this way, the SOAP request for the service now looks like this …

    The service caller can execute this service operation without changing anything. The same SOAP action and operation name and namespaces still apply. We’ve only made the payload generic. Now, the next step for us was to have a custom receive pipeline that validated the content. Here, on the XmlDisassembler pipeline component, I chose to Validate document structure on the inbound message.

    Now, if I send in a lousy message (bad structure, invalid data types, etc), I get the [IIS 6.0] web server log mention, but I ALSO get a suspended message within BizTalk! The message was able to be received, and only got validated after it had successfully reached the BizTalk infrastructure. Now, I have a record of the message and details about what went wrong …

    Now, I wouldn’t advise this pattern in most cases. Services or components that take “any” object/content are dangerous and a bit lazy. That said, in our case, this is a service that is ONLY called by one system (SAP), and, provides us with a much-needed validation/audit capability.

    Technorati Tags:

  • BizTalk Production Application Deployment Issues Encountered

    This past weekend our company did it’s first significant BizTalk application deployment into a production environment. I encountered a few issues along the way, and I thought I’d list the problem and resolution.

    In order of annoyance to me (from least to greatest):

    • Transport does not have read/write privileges for receive location … We had a network share set up to poll for files, but as soon as we’d turn the port on, we’d get the “privileges” error. We confirmed that the BizTalk service account had read/modify/delete rights on the folder/share. After reviewing some KB articles, I found the answer in Tom’s blog post. Basically, I also needed to assign “delete subfolders and files” rights as well.
    • The identity of application pool ‘BizTalkAppPool’ is invalid … the application pool is disabled. After first installing the HTTPReceive virtual directory on one of our servers, I got this error. After a quick search, I was reminded that the application pool service account needs to be in the IIS_WPG group on the box.
    • The outbound transport could not be resolved because a matching transport protocol prefix could not be derived from the URL . This one killed me for a couple hours. Since my orchestration dynamically assigns a file name for a SharePoint site, I also dynamically assign the SharePoint URL. The WSS URL sits in the btsntsvc.exe.config file and is read at run-time. However, the first orchestrations that executed triggered this error. It implied that my “wss://” prefix for the dynamic send port was wrong. After looking at every possible technical solution, I finally realized that there was a “space” before the ” wss://” address in the configuration file. So, the error made sense, but damn.
    • Failed to decode the S/MIME message.The S/MIME message may not be valid. Our application starts by receiving an email containing formatted text. In the orchestration we parse the text we want and throw away the rest. However, messages were getting suspended at the adapter layer with this error. After reviewing the email message header, I noticed that it was missing any MIME declarations (MIME-Version, Content-Type). So, I deduced that the POP3 adapter’s default parsing behavior was failing because it couldn’t determine MIME encoding of the inbound mail. Ignoring that fact that MIME is a freakin’ standard encoding that any email sender should include, we need(ed) to figure out a way to parse these messages with the POP3 adapter. The solution I’ve put together involves turning off the Apply MIME Decoding flag in the POP3 receive location, then parsing the inbound email string and looking for the “from:” address (since turning off MIME decoding at the receive location means no POP3 promoted values). I think it’ll work.

    Good times.

    Technorati Tags:

  • BizTalk Handling of Exceptions in One-Way Web Services

    I’m currently working on the design of the “fan out” process from our ERP system (SAP) and we’ve had lots of discussions around asynchronous services and exception handling.

    The pattern we’ve started with is that BizTalk receives the message from SAP and fans it out using one-way send ports (and web services) to each interested subscriber. However, some folks have expressed concern about how exceptions within the various services get handled. In a true one-way architecture, BizTalk is never alerted that the service failed, and the service owner is responsible for gracefully handling all exceptions.

    If a .NET developer builds a very plain web service, their web method may be something like this:

    [WebMethod]
    public void DoSomethingCool(CoolObject co) {   throw new Exception(“bad moon rising”);

    }

    So what does this actually generate? If you look, the actual contract generated from this yields a response message!

    You can see there that the service caller would expect a confirmation message back. If BizTalk calls this service, even from a one-way send port, it will wait for this response message. For the service above that fails, BizTalk shows the following result:

    The proper way (as opposed to the lazy way above) to build a one-way .NET web service is to add the attribute tag below.

    [SoapDocumentMethod(OneWay = true)]
    [WebMethod]
    public void DoSomethingCool(CoolObject co) {   throw new Exception(“bad moon rising”);

    }

    If you build THIS service, then the contract looks like this …

    Notice that the only response BizTalk (or any caller) is expecting is a HTTP 200 response. If anything besides the base connection fails, BizTalk won’t know or care. If I call the service now, there is no indication (Event Log, Suspended Messages) that anything went wrong.

    The first web service above is the equivalent of writing the web method as such …

    [SoapDocumentMethod(OneWay = false)]
    [WebMethod]
    public void DoSomethingCool(CoolObject co) {   throw new Exception(“bad moon rising”);

    }

    Setting OneWay=false would force this method to return a response message. So what does this response message REALLY look like? I traced the web service call, and indeed, you get a DoSomethingCoolResponse message that is apparently just eaten up by BizTalk (no need to subscribe to the response) …

    Now what if the web service times out on these “fake” one way calls? Would BizTalk really raise an error, or would it simply say “ok, I sent it, never got a response, but that’s cool.” I added a 2 minute “sleep” to my service and tried it out. Sure enough, BizTalk DID suspend the message (or set it for retry, depending on your settings).

    The only exception that will cause either a two-way OR one-way service to suspend is if the connection fails. If I shut down the web server, calling either type of service results in a suspended (or retry) message like so …

    While it’s super that a service that returns no data can still return a basic success acknowledgement, there are broad implications that need to be thought out. Do you really want BizTalk to catch an exception thrown by your service? If the code is bad, all the retries are going to fail anyway. What about keeping messages in order? Do you really want to use “ordered delivery” and thus block all messages following the “bad” service call? I’m a bigger fan of letting the service itself catch the exception, log the ID of the object coming in, and on a scheduled basis, go retrieve the actual data from the system of record, vs. trying to make BizTalk keep things all synchronized.

    Any architecture experiences with one-way services or patterns you wish to share? Talk to me.

    Technorati Tags:

  • Calling Inline .NET Code From Inline XSLT In BizTalk

    A while back I wrote about calling external assemblies from within a BizTalk map. A problem I mentioned was that the member variable in the class that the map was calling seemed to be getting shared amongst execution instances. Each map creates a sequential page number in the XSLT and puts it into the destination XML. However, I’d see output where the first message had pages “1..3..5..7..8” and the second message had pages “2..4..6..9.” Very strange. I thought I fixed the problem, but it surfaced today in our Test environment.

    So, I set out to keep everything local to the map and get rid of external assembly calls. After banging my head for a few minutes, I came up the perfect solution. I decided to mix inline script with inline XSLT. “Madness” you say? I built a small test scenario. The map I constructed looks like this:

    In the first Scripting functoid, I have “inline C#” selected, and I created a global variable. I then have a function to increment that variable and return the next number in sequence.

    Did you know that you could have “global variables” in a map? Neat stuff. If I check out the XSLT that BizTalk generates for my map, I can see my function exposed as such:

    Now I know how to call this within my XSLT! The second Scripting functoid’s inline XSLT looks like this:


    Notice that I can call the C# method written in the previous functoid with this code:

    <xsl:value-of select=”userCSharp:GetPageNumber()”/>

    The “prefix” is the auto-generated one from the XSLT. Now, all the calculations are happening locally within the map, and not relying on outside components. The result of this map is a document that looks like this:

    There you go. Using global variables within a BizTalk map and calling a C# function from within the XSLT itself.

    Technorati Tags:

  • BizTalk ESB Guidance In The Wild

    Well, thanks to Chris for letting me know that ESB Guidance for BizTalk Server was added to Codeplex.

    I’m actually deploying an application this week based on the Exception Management code. I changed it around a bit, but having these bits accelerated my development significantly. Now I need to find a way to upgrade to these current components!

    Technorati Tags: ,

  • BizTalk Server and SOA Software Together, Part IV

    [Series Links: Part I / Part II / Part III / Part IV]

    In the first three parts of this series, I’ve shown you how SOA Software enables “last mile” web service management and configuration. Now, let’s focus on HOW you call a service that is managed by SOA Software Service Manager. If you add a policy to a service which requires specific authorization headers, then clearly you expect the service caller to add those headers. However, a developer probably doesn’t want to get bogged down in adding SAML tokens or applying digital signatures.

    SOA Software provides a Gateway Service which sits in between the client and service endpoint. A .NET/Java SDK is provided for clients to interact with this Gateway Service. Using the SDK, developers can work with an API that provides support for:

    • SOA Software Service Manager security
      • Encryption / decryption, signing / verifying, compression / decompression, credentials
    • WS-Encryption / WS-Decryption
    • Transport neutrality (choose HTTP, HTTPS, JMS)
    • Dynamic binding (based on UDDI)
    • Endpoint auto-configuration

    So, by using functions in a rich SDK API, the developer can avoid building complexity and guesswork into the construction of a service message managed by a robust policy. Now, let’s make it even easier. The last option in my list above (“Endpoint auto-configuration”) means that instead of asking the service caller to know how to pack up the service payload, do it for them.

    Within the SOA Software Service Manager you can set up a friendly identifier for the web service. Then, from client code, you can use the Gateway SDK to lookup all the policy information for a given service, and build up the message accordingly. That is, the developer writes 1 line of code to apply all the necessary policy bindings. The Gateway service then receives this command (auto-configuration) from the client, and packs up the message with a format required by the policy before forwarding the service call on to the destination. Cool!

    Now if I call a SOA Software managed web service (which has an “authentication” component in its policy) from BizTalk using the standard SOAP adapter (with an orchestration feeding it), I get the following error:
    Error details: SoapHeaderException: An error has occurred authenticating based on Credentials

    Great! So how do we get around this? My first thought was a pipeline component which would call the Gateway SDK code. I tried this, but it failed. The Gateway SDK code needs to be on the same calling thread as the actual service call. So, I needed to move this code as close to the adapter as possible. Thanks to the stud support folks at SOA Software, they suggested doing a SOAP send port with a proxy class (versus using the default “Orchestration web port” settings). So, I auto-generated a proxy class using wsdl.exe, and added the “gateway bridge” code to the corresponding web method.

    My send port then looked like this …

    I also had to change the send port’s URL to point to the Gateway service URL. So now, no part of my project points to the ACTUAL web service. Rather, I point to the Gateway service which adds all the necessary policy code before forwarding traffic to the real web service endpoint. Making these changes resulted in BizTalk working perfectly. No custom adapters, no need to unnecessary interject orchestration and fairly simple maintenance.

    Now, one concern I had was that using this architecture, my service caller (e.g. BizTalk) forwards a web service call to another box hosting the Gateway service, which then forwards the message on to the final service endpoint. Because service policy information is applied by the Gateway service, I can be confident that no one can sniff or tamper with messages leaving the Gateway machine. However, what about that call from my client TO the Gateway? Do I now have to do some HTTPS transmission JUST to get the Gateway?

    Thankfully, the SOA Software folks thought of this. A parameter in the API call to the Gateway actually enables the payload to be fully encrypted. How do I test this? I’m using the great tools from PocketSOAP. You could use TCPTrace, but I actually like ProxyTrace more since the BizTalk setup is trivial. Using ProxyTrace, I can see the actual message being sent by the BizTalk SOAP adapter.

    After you start ProxyTrace (and tell it which port to listen on), you simply change your SOAP adapter (or HTTP adapter) “Proxy” tab like so:

    Once I call my service, I can now see the raw payload sent it, and the raw data returned. As you can see below, my message to the Gateway is in clear text (the password has been automatically hashed), and no funky policy headers have been applied yet.

    If I rebuild my SOAP proxy class (which contains the Gateway SDK code) to have the “encryptMessage” set to “true”, then my transmission out of the BizTalk box looks like this:

    I love that. Very simple, quite effective. If I check the recorded message in the SOA Software Service Manager portal site, I can see that after the Gateway processes the message, all the required policy elements have been added.

    Takeaway: To attach management and policy functionality to a service does NOT require changing anything in the service itself. No changing configuration files, code, etc. To CALL a service that is managed by SOA Software, you can use either the Java or .NET Gateway SDK to abstract the actual complexity required to attach relevant policy data.

    Great stuff. These folks are working on cutting-edge things, and I’m constantly surprised at the overall thoughtfulness and completeness of their platform. Highly recommended.

    Technorati Tags: ,

  • BizTalk Server and SOA Software Together, Part III

    [Series Links: Part I / Part II / Part III / Part IV]

    In the last post we looked at how SOA Software is used to manage and maintain web services. Today, let’s look at how we can configure web service “policies” to do everything from encryption to load balancing.

    So far we’ve seen that a give service managed by SOA Software can have a “policy” attached to it. What is a “policy” really? The types of policies we’ll look at here include “management” policies, “SLA” policies, and “access” policies. For a BizTalk developer, think of a management policy as a pipeline. The management policy configuration page looks like this:

    You have a series of components to handle the request message, and series of components to handle the response message. Again, very much like a BizTalk pipeline. For the Record component in this template, you can configure it as such:

    You can snag either the entire payload, or choose to grab only a specific record(s). Odds are, you’d only have a policy do this much recording of data during a test or debugging scenario. But, it’s quite useful if you’ve got a series of complex components (encryption, etc) and want to print out the result after a particular stage.

    The Security policy component is quite powerful. You can perform authentication checks to ensure that the service client is a valid user in a defined identity system. After choosing which identity system the policy should confirm against, you next choose the means of capturing the actual identity. Choices include SAML, x509 certificates, HTTP Basic Auth, and more. From this component you can also apply or verify digital signatures.

    If you choose to, you can also apply WS-Encryption and WS-Decryption capabilities. The WS-Encryption lets you choose the way to encrypt, and then WHAT to encrypt. So you could identify 4 nodes in your SOAP payload that contain sensitive data, and ONLY encrypt those fields.

    You could also choose to manipulate the message a bit by using the Strip Element component. Let’s say that you’ve already verified a signature, or received credentials in the payload that are now unnecessary. You could strip those out before sending the message on to the next hop. Nice.

    For performance reasons, you may also want to use a Caching component. In this case, the Policy will compare the SOAP body/envelope and if it matches an instance in cache, the cached response message is immediately returned.

    Other valuable management policy components include:

    • Authorization
    • Schema Validation
    • Dynamic Management (where you can re-route the service to different service locations based on rules)
    • Data Transformation
    • Compression/Decompression
    • Load Balancing

    Those were examples of “management” policies in SOA Software. You also have the ability to create additional policy types. One interesting one is the SLA Policy. In this type of policy, you can dictate performance-related metrics that should result in a system level alert. For instance, my policy below says that if SOA Software encounters more than 25 SOAP faults in a 1 day period, raise an alert. And remember, this specific policy can be associated with individual services and operations.

    There’s also the concept of Access Policies which can be used to restrict traffic to a given service. If you had an external vendor calling your service, you could create a policy that says that a particular user/company can only execute the service 500 times a day, or, only between the hours of 8am-5pm Monday through Wednesday.

    Now you could have the concern that managing these policies, and who is using them, could be a nightmare. What sort of dependency tracking do you get? The answer is, surprisingly strong reference management. In my Policy Overview screen, I can see how many service operations use a given policy.

    I can then drill even further, and see each operation using a given policy. That alone is useful, but what if a mass update needed to happen? From this view, I can make bulk changes to each service that uses the policy!

    That’s huge. Otherwise, even 50 services could be a challenge to maintain, not to mention 500!

    It’s a fairly safe assumption that the “policy” functionality of SOA Software is where you find significant business value. All of these policies are applied, and enforced, without touching your service, or creating code. I suspect that my company will use the security-related components most frequently. The non-security policy components will definitely find a home in various policies, but we’ll see a universal adoption of security components off the bat.

    As you’ve seen so far, managing existing services is easy. The only place where a developer needs to be cognizant of the fact that a service is managed is when they CALL that service. The next post is where I bring it all home. Specifically, how can BizTalk Server (or ANY .NET/Java application) make accurate calls to a service managed by SOA Software?

    Technorati Tags: ,

  • BizTalk Server and SOA Software Together, Part II

    [Series Links: Part I / Part II / Part III / Part IV]

    In the previous post, we did a high level look at SOA Software and the core modules of that platform that my company is using. Now, let’s dig a bit deeper in one of the base subsystems, the Management Server.

    At its core, the SOA Software Management Server allows you to configure your services by applying appropriate policies. The Management Server also provides the monitoring component, but we’ll discuss that in the “monitoring and alerting” post that will follow this one. Here we’ll focus a bit more on registering and managing services using SOA Software.

    To manually register a service, you can start from the SOA Software Service Manager Dashboard. The wizard window asks you for the WSDL of your physical service.


    Then you can choose which operations on the service you wish to manage. “Managing” the operation gives you the ability apply policies, record and monitor data, and so forth.

    Finally, you choose a default policy to use. This can be changed after the wizard is complete.

    Now, SOA Software has the concept of a “virtual service”. These virtual services act as proxies that can be deployed on different machines, and, may be an aggregate of operations from multiple “physical” services. For instance, I may create four different web services that interact with a “vendor” object. Maybe a few operations on two of those services are going to be publicly exposed to outside parties. I can create a single “virtual service” made up of operations from two of those services, and deploy that “virtual service” to a locked down box in the DMZ. The same “physical service” may be part of multiple “virtual services”. Now because you can apply different policies to each operation in a service, it’s conceivable that you attach different policies to the same “physical service” (by virtualizing it) in order to target different audiences. Maybe the “GetVendor()” operation, when used internally, goes through a particular virtual service that only confirms that the user has a valid Active Directory account. However, when “GetVendor()” is exposed publicly, THAT virtual service operation may require a policy that does encryption/decryption AND authentication. Or, you may have a different service level agreement (SLA) for external parties than for those internal users. No problem, just apply different SLA policies to each individual virtual service. When I create a virtual service, I can choose which operations, from which services, to include.


    Note that the physical services being aggregated could be on different servers, and even different application server platforms. No reason I can’t have a virtual service that combines related operations from services in IIS 6.0 and Weblogic.

    Services may also get “auto discovered” if they are deployed to a box with the SOA Software agent running. Once a service is managed (either through auto-discovery, or manually), you open up a wealth of management options for that particular service. The most eye-catching part is the real-time feed of usage data.


    This Flash object updates in real time so that you can see each service call and how long it takes. By mousing over the bars, you can see specific details about the time the operation took to execute. Nice!

    You may think that with all these “virtual services” floating around that it could be a challenge to remember what the correlations are between services. Have no fear, the “Service Relationships” widget provides another Flash-based view of the connection between virtual and physical services.

    By moving your mouse over the “services” in this window, you can see the details about each service in the relationship tree.

    Finally, the Portal provides plenty of ways to see metadata about services and perform maintenance tasks. The “Actions” widget associated with each service exposes various functions.


    You can view a copy of the WSDL, virtualize a given service, and much more. One of my favorites is the “Test Service” function. This actually allows you to execute the service itself. My initial thought was that this would be similar to the ASP.NET Web Services testing page that is shown in IIS. That is, if you have simple type parameters (ints, strings, etc), then test away. However, the default ASP.NET Web Services test page doesn’t allow you to test complex type parameters. HOWEVER, the SOA Software web services tester actually parses out the complex type and lets you test those as well!

    That’s great stuff. Unexpected, and very useful.

    The SOA Software Management Server is a great way to centralize management and ownership of services. The ability to generate proxy services that abstract the underlying services has enormous implications for distributed environments. In the next part of this series, I’ll tackle the Policy Manager subsystem.

    Technorati Tags: ,

  • BizTalk Server and SOA Software Together, Part I

    [Series Links: Part I / Part II / Part III / Part IV]

    Recently, the company I work for purchased a web services management platform solution from SOA Software. This post starts a short series where I will highlight the key features of the platform, and, how to integrate BizTalk with this solution.

    SOA Software provides us with that “last mile” web services capability set that should help my organization realize our vision of a truly enterprise SOA. Specifically, SOA Software provides us with four key functions:

    • Centralized management, including automatic service discovery
    • Fully UDDI 2.0 compliant service registry (UPDATE: UDDI 3.0 compliance as well)
    • Application of service “policy” via configuration
    • Full-featured monitoring and customized alerting

    In this first post, I’ll do a very high level overview of each of those functions.

    Centralized management, including automatic service discovery
    Each of our web servers will have a SOA Software “discovery” agent installed which detects when new web services are deployed to the box. The supported application servers include Websphere, Weblogic, Tomcat and IIS. So this plays very well in a Microsoft, or non-Microsoft shop. Once a web service has been discovered, it can be centrally managed. “Managing” a service can mean applying security policies, establishing service level agreements, apply access/deny rules, and more.

    Fully UDDI 2.0 compliant service registry (UPDATE: UDDI 3.0 compliance as well)
    It’s nice that SOA Software provides us a service registry out of the box. No need to purchase and integrate another company’s registry solution. The registry has a fairly rich “search” capability where I can search for service by name, usage, category and more.


    What are categories? Once a service is managed, you can group the service using user-defined categories. Much nicer than having a registry that just shows a dump of every service with no way to organize them.

    Application of service “policy” via configuration
    While you could potentially do without the previous two features (even though it makes life significantly easier), the SOA Software Policy Manager service is where you really get your money’s worth. Without TOUCHING the code or configuration files of a deployed service, you can apply a “policy” to that service. Because each service is hosted on a web server with a SOA Software management agent, all service requests can be intercepted. SOA Software acts as an intermediary between the service client and service provider. A service policy may include:

    • message logging
    • authentication
    • compression/decompression
    • encryption/decryption
    • validation
    • much more …


    Those are examples of “management” policies. I’ll also show you “SLA” policies, and more in the later post. Each method of a given service can have a different policy attached. I can’t stress how cool this stuff is. When someone builds a service, they don’t have to do anything special for this service management capability. All of it occurs at the management point, not development point.

    Full-featured monitoring and customized alerting
    A robust monitoring module is so important if you want to evaluate service usage trends in your organization. I can capture the payload of the SOAP messages coming in and out of the services. This includes the ability to see the services before/after policies have been applied. The view below shows my message after a SAML token has been applied.

    I can also see various reports about service response time, usage and more. So far, that is just passive reporting. I have to go query for data to discover a problem. What if I have a SLA set up, and NEED to be very proactive about service interruptions or problems? You can subscribe to alerts already configured, or, create your own. I can build an SLA Policy to ensure that if response time goes above a certain amount, or the number of SOAP faults exceeds an acceptable amount, then send me an email message.

    In the next few posts, I’ll show more details about these key subsystems. Finally, I’ll show how BizTalk can call one of these SOA Software-managed services. The service *caller* requires a bit of code (in order to inject the headers necessary to conform to the policies), but SOA Software has made it fairly straightforward.

    Technorati Tags: ,