I did a day trip to XTECH 2005, where I was presenting on WS-CAF. A very long, but interesting day.
I wasn't presenting until later in the day, so Edd asked me to chair one of the earlier sessions of the day. The presentations I chaired were "Adoption of UBL in Denmark - business cases and experiences" and "Implementing Web Services for Healthcare - Lessons & Pitfalls", which were both very interesting for similar reasons. Firstly, they both talked about the use of ebXML in the public sector (ebXML is a big effort, so if you want to know which aspects of it they're using, I'd encourage you to read the papers), and secondly, the key to their success was pretty much the same: legislation! In one case, any Netherlands company wanting to send invoices to the government has to do it electronically and were given 8 weeks to implement the necessary support within their organisation. I forget the actual figures at the moment, but the government did a "time and motion" study of invoicing and reckoned they could say $100 million annually by doing this. And it all seems to be working!
They were both extremely interesting presentations and the audience asked some good questions that helped to pull more information from the presenters. Overall, I think this time I probably found the chairing experience more interesting than presenting!
I work for Red Hat, where I lead JBoss technical direction and research/development. Prior to this I was SOA Technical Development Manager and Director of Standards. I was Chief Architect and co-founder at Arjuna Technologies, an HP spin-off (where I was a Distinguished Engineer). I've been working in the area of reliable distributed systems since the mid-80's. My PhD was on fault-tolerant distributed systems, replication and transactions. I'm also a Professor at Newcastle University and Lyon.
Sunday, May 29, 2005
Monday, May 16, 2005
WWW2006 update
We're in the process of finalising the PC for the XML & Web Services track of WWW2006. It's shaping up to be a good PC and I hope the quality of papers we get is good too. So, get your thinking hats on and start to write. Although the CFP hasn't gone out yet, and we'll be accepting papers on a wide range of XML & Web Service related topics, this year I'd like to see some papers on fault tolerance and reliability. That topic tends to get overlooked a lot in the early days of any distributed architecture "wave", but I think we're reaching the crest of this wave and things need to change.
Friday, May 13, 2005
Asymmetrical WS-Addressing
I have to admit that I like symmetry for a number of reasons. Nature prefers symmetry in a wide range of areas and it shows up all around us. So, symmetry is good. I know it's not a hard-and-fast rule, but we've followed nature before and I reckon it still has a lot to teach us. And more pragmatically, symmetry just makes sense. To paraphrase Occam's Razor: the simplest solution is probably the right one. So, why make things more complex than they need to be?
So how does this relate to WS-Addressing? Well ever since I started to use it when the Web Services Coordination and Transaction specifications, I've been annoyed by the fact that not everything is a WS-Addr End Point Reference (EPR). Basically in WS-Addr, an EPR is a delivery address for your message and contains the URI of the service as well as other information needed to ultimately deliver that message.
When sending a message, you can define wsa:ReplyTo, wsa:FaultTo and wsa:From all as EPRs. But the actual destination address isn't an EPR! Or more accurately, it's a broken apart EPR: as a receiver, you may have got it in a wsa:ReplyTo, but if you then want to us it to send a response, you have to do some work with it first.
For example, here's a valid wsa header for an input message:
Now in a symmetrical world, I should simply be able to take the wsa:ReplyTo EPR and put it (renamed as wsa:To of course) into the SOAP header of the response message like so:
But no, I can't do that. I have to take everything out of the wsa:ReplyTo and essentially promote the contents to the root, like so:
And as you can see, it's not actually as simple as that - I've got to break apart the ReferenceParameters (which could be arbitrary in size). Why can't I just use the EPR I received as an EPR? It can't be because of deficiencies in the SOAP processing model and I don't see how it adds anything to the architecture/model (if anything it detracts from it).
In short: It does not make sense!
So how does this relate to WS-Addressing? Well ever since I started to use it when the Web Services Coordination and Transaction specifications, I've been annoyed by the fact that not everything is a WS-Addr End Point Reference (EPR). Basically in WS-Addr, an EPR is a delivery address for your message and contains the URI of the service as well as other information needed to ultimately deliver that message.
When sending a message, you can define wsa:ReplyTo, wsa:FaultTo and wsa:From all as EPRs. But the actual destination address isn't an EPR! Or more accurately, it's a broken apart EPR: as a receiver, you may have got it in a wsa:ReplyTo, but if you then want to us it to send a response, you have to do some work with it first.
For example, here's a valid wsa header for an input message:
<S:Header>
<wsa:MessageID>http://example.com/someuniquestring
</wsa:MessageID>
<wsa:ReplyTo>
<wsa:Address>http://example.com/business/client1
</wsa:Address>
<wsa:ReferenceParameters>
<foo:dest objid=urn:1234:5678/>
</wsa:ReferenceParameters>
</wsa:ReplyTo>
<wsa:To S:mustUnderstand="1">
mailto:fabrikam@example.com</wsa:To>
<wsa:Action>http://example.com/fabrikam/mail/Delete
</wsa:Action>
</S:Header>
Now in a symmetrical world, I should simply be able to take the wsa:ReplyTo EPR and put it (renamed as wsa:To of course) into the SOAP header of the response message like so:
<S:Header>
<wsa:To>
<wsa:Address>http://example.com/business/client1
</wsa:Address>
<wsa:ReferenceParameters>
<foo:dest objid=urn:1234:5678/>
</wsa:ReferenceParameters>
</wsa:To>
</S:Header>
But no, I can't do that. I have to take everything out of the wsa:ReplyTo and essentially promote the contents to the root, like so:
<S:Header>
<wsa:To>
<wsa:Address>http://example.com/business/client1
</wsa:Address>
</wsa:To>
<foo:dest objid=urn:1234:5678/>
</S:Header>
And as you can see, it's not actually as simple as that - I've got to break apart the ReferenceParameters (which could be arbitrary in size). Why can't I just use the EPR I received as an EPR? It can't be because of deficiencies in the SOAP processing model and I don't see how it adds anything to the architecture/model (if anything it detracts from it).
In short: It does not make sense!
Saturday, May 07, 2005
java.net blog
I've had a blog on java.net for a while, but have found very little time to put something together for a first post. A conversation I had with Greg the other day around the importance of WS-RX and WS-Context got me thinking and I thought I'd write something about WS-Context for the readers of java.net.
Thursday, May 05, 2005
Some more history
Just a couple of links to some things of historial interest to other ex-HP/Bluestoners out there.
Sunday, May 01, 2005
Why transactions are often under used
Back here I mentioned that on many occasions I've come across companies and products that could/should be using transactions when they're not. Obviously the inverse is also the case: the use of transactions when they're simply not needed can leave people with a bad experience and hence averse to looking to transactions in the future, when perhaps they should. So, the reasons for people not using or considering transactions when they are in fact useful can be broken down into two broad categories:
(i) overhead: it's true that you can never get something for nothing. But as we showed here with regard to principles, and I mentioned here with regard to our specific implementation, it doesn't have to be the case that you have to pay dearly (in terms of overhead and cash) to get the guarantees transactions offer. There's always a trade-off to be considered in pretty much any additional functionality you may want to add to an application, whether it's transactions for reliability/consistency, replication for availability/performance, security etc. Rather than think about what negative impact this functionality is going to have on your system, you need to consider what the impact will be on not having it. Now with the likes of security and replication it's fairly evident what benefits they bring most of the time. With transactions it's always a little more difficult, because most of the time you don't see the benefit: it's typically only when a failure happens. Now it is true that failures are not common, but they do happen - network failures, disk failures, memory failures etc. But in that case you should think of transactions like an insurance policy: how often do you claim on your home, car or travel insurance? Probably not that often. But most people will still renew their policies year after year, even when some (e.g., holiday insurance) aren't mandatory. Why? Because you don't want to take the risk and in simple terms the cost of insurance is significantly less than the cost of whatever it is that you're insuring. I'd like to see a time when transactions are seen to be so cheap that they're just part of the infrastructure that people take for granted. I think with something like ArjunaCore and the transaction implementation in Indigo that's starting to look possible.
(ii) education: in some ways this follows on from the above discussion, where people (architects, engineers etc.) either have a bad previous experience of transactions or have heard rumours. However, there are at least a couple of other sides to this: first, people (biz-dev as well as engineers) simply not knowing that transactions exist (computer science is a large field, so it's not always the case that everyone knows about every one of its facets). More worrying though is the second aspect, which I've seen a few times - vendors of products that really could (and should) benefit from transactions not using them because they either don't understand the reasons why they need them (education again) or they don't want the perceived overhead in their products and are willing to take the risk (on behalf of all of their customers) that failures won't ever happen; and they may do it "silently". It's this last point that always annoys me and not simply because I've been working with transactions for a long time: if you go back to the insurance analogy, it's the equivalent of you buying insurance but the insurance company simply pockets the money and if/when you come to make a claim they feign ignorance, leaving you up the proverbial creek without a paddle. By the time you know there's a problem, it's already too late!
I think that there's a lot that we as a transaction industry can do to help this, through education, evangelising and improved product functionality/performance. But I also think there's a lot that the user can do, for instance by considering what the effects of failures might be in certain scenarios and, particularly in the case of 3rd party products/components where you might have been told failures "are handled", drill down into the "hows" and "whys" rather than just taking it for granted. You don't buy insurance from just anyone; you use trusted parties, such as banks, where trust is built up and the products assured and backed by the law. It's a shame we don't have something equivalent for software.
(i) overhead: it's true that you can never get something for nothing. But as we showed here with regard to principles, and I mentioned here with regard to our specific implementation, it doesn't have to be the case that you have to pay dearly (in terms of overhead and cash) to get the guarantees transactions offer. There's always a trade-off to be considered in pretty much any additional functionality you may want to add to an application, whether it's transactions for reliability/consistency, replication for availability/performance, security etc. Rather than think about what negative impact this functionality is going to have on your system, you need to consider what the impact will be on not having it. Now with the likes of security and replication it's fairly evident what benefits they bring most of the time. With transactions it's always a little more difficult, because most of the time you don't see the benefit: it's typically only when a failure happens. Now it is true that failures are not common, but they do happen - network failures, disk failures, memory failures etc. But in that case you should think of transactions like an insurance policy: how often do you claim on your home, car or travel insurance? Probably not that often. But most people will still renew their policies year after year, even when some (e.g., holiday insurance) aren't mandatory. Why? Because you don't want to take the risk and in simple terms the cost of insurance is significantly less than the cost of whatever it is that you're insuring. I'd like to see a time when transactions are seen to be so cheap that they're just part of the infrastructure that people take for granted. I think with something like ArjunaCore and the transaction implementation in Indigo that's starting to look possible.
(ii) education: in some ways this follows on from the above discussion, where people (architects, engineers etc.) either have a bad previous experience of transactions or have heard rumours. However, there are at least a couple of other sides to this: first, people (biz-dev as well as engineers) simply not knowing that transactions exist (computer science is a large field, so it's not always the case that everyone knows about every one of its facets). More worrying though is the second aspect, which I've seen a few times - vendors of products that really could (and should) benefit from transactions not using them because they either don't understand the reasons why they need them (education again) or they don't want the perceived overhead in their products and are willing to take the risk (on behalf of all of their customers) that failures won't ever happen; and they may do it "silently". It's this last point that always annoys me and not simply because I've been working with transactions for a long time: if you go back to the insurance analogy, it's the equivalent of you buying insurance but the insurance company simply pockets the money and if/when you come to make a claim they feign ignorance, leaving you up the proverbial creek without a paddle. By the time you know there's a problem, it's already too late!
I think that there's a lot that we as a transaction industry can do to help this, through education, evangelising and improved product functionality/performance. But I also think there's a lot that the user can do, for instance by considering what the effects of failures might be in certain scenarios and, particularly in the case of 3rd party products/components where you might have been told failures "are handled", drill down into the "hows" and "whys" rather than just taking it for granted. You don't buy insurance from just anyone; you use trusted parties, such as banks, where trust is built up and the products assured and backed by the law. It's a shame we don't have something equivalent for software.
A belated review for Eric's latest book
Web Services specification architecture book
Some of my friends/colleagues from IBM have finally gotten their book out. This gives a view of the Web Services architecture as IBM sees it, along with the specifications they see as fitting into it. Since most (all?) of the specifications are ones that IBM has been working on (in and predominately out of standards bodies), it may not be an objective view, but no one can argue that it's not important to the industry.
Now all I need do is write a review.
Now all I need do is write a review.