Extended Enterprise::Exposed Broker::Product mappings=WebSphere Application Server Network Deployment V6.0.2 + Web services gateway

[Diagram: runtime pattern nodes: Application Server / Services, Network Infrastructure, Protocol Firewall, Connector, Domain Firewall, Directory and Security Services, Exposed Broker, Rules Directory]
Design Last Updated: 11-14-2005
This Product mapping uses WebSphere Application Server V6.0.2 to host the Application Services in the Enterprise Secure Zone.
The Exposed Broker node is implemented using the Web services gateway provided with WebSphere Application Server Network Deployment V6.0.2, which supports the exposed nature of this node by providing a standard, consistent interface for the internal processes to access external processes.
The Rules Directory node is implemented using the service integration bus mediation support within WebSphere Application Server Network Deployment V6.0.2.
In the Directory and Security Services node, the Web services gateway will be configured to secure all transactions to the external Partner Zone using WS-Security integrity and confidentiality. In this scenario, the Application Services in the Enterprise Secure Zone do not include support for WS-Security. WebSphere Application Server Network Deployment V6.0.2 allows you to configure a service integration bus to use WS-Security to secure the SOAP messages that pass between the Service Consumer and the target partner Service Provider. Interactions within the enterprise will not be secured.
A local DB2 Universal Database database is used to store the SDO repository.
The IBM HTTP Server V6 acts as an Adapter Connector by providing protocol transformation to SOAP/HTTPS, thus delivering transport-level security between the enterprise and the partner organizations.

App Server/Services

Applications rely on services provided by their hosting server to interact with other applications. These are modeled using the application server/service node. Some examples of services provided by this node include:

Network Infrastructure

The Network Infrastructure node represents the network infrastructure that allows connectivity between enterprises. This infrastructure has unspecified internal characteristics; only the means of interacting with it are specified.

Connector

Connectors provide the connectivity between two components. A connector is always present to facilitate interaction between two components.

Depending on the required level of detail, a connector can be:

  • A primitive (or unmodelled) connector, represented by a simple line between components
  • A component (or modelled) connector, represented by a rectangle on a line between components

A connector may be an adapter connector, a path connector, or both.

Domain firewall node

A firewall is a hardware/software system that manages the flow of information between the Internet and an organization's private network. Firewalls can prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets, and can block some virus attacks -- as long as those viruses are coming from the Internet. A firewall can separate two or more parts of a local network to control data exchange between departments. Components of firewalls include filters or screens, each of which controls transmission of certain classes of traffic. Firewalls provide the first line of defense for protecting private information, but comprehensive security systems combine firewalls with encryption and other complementary services, such as content filtering and intrusion detection.

Firewalls control access from a less trusted network to a more trusted network. Traditional implementations of firewall services include:

  • Screening routers (the Protocol Firewall)
  • Application gateways (the Domain Firewall)

A pair of Firewall Nodes provides increasing levels of protection at the expense of increasing computing resource requirements. The Domain Firewall is typically implemented as a dedicated server Node.

See Also

Additional Resources

  • (in English) ESS

Protocol Firewall Node

A firewall is a hardware/software system that manages the flow of information between the Internet and an organization's private network. Firewalls can prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets, and can block some virus attacks -- as long as those viruses are coming from the Internet. A firewall can separate two or more parts of a local network to control data exchange between departments. Components of firewalls include filters or screens, each of which controls transmission of certain classes of traffic. Firewalls provide the first line of defense for protecting private information, but comprehensive security systems combine firewalls with encryption and other complementary services, such as content filtering and intrusion detection.

Firewalls control access from a less trusted network to a more trusted network. Traditional implementations of firewall services include:

  • Screening routers (the Protocol Firewall)
  • Application gateways (the Domain Firewall)

A pair of Firewall Nodes provides increasing levels of protection at the expense of increasing computing resource requirements. The Protocol Firewall is typically implemented as an IP Router.

Directory and security services node

The directory and security services node supplies information on the location, capabilities, and attributes (including user ID/password pairs and certificates) of resources and users known to this Web application system. This node can supply information for various security services (authentication and authorization) and can also perform the actual security processing, for example, to verify certificates. The authentication in most current designs validates the access to the Web application server part of the Web server, but this node also authenticates for access to the database server.

Exposed Broker

The Exposed Broker node is an extension of the Broker node. It exposes external processes to the broker functions within the node. A variation of this would be to use the Exposed Broker to expose internal processes to external partners.

Rules Directory

The rules directory contains the rules generally used to control the mode of operation of an interaction, depending on external factors. Examples of such rules are:

  • Business data mapping rules (for adapter connectors)
  • Process execution rules and intermediate results
  • Autonomic rules (such as priority in a shared environment)
  • Security rules
  • Capacity and availability rules

The rules directory may or may not exist. If it exists, it can still be left off the Runtime pattern when analysis determines that interaction rules are not an important part of the solution, for example.

Database server node

This node's function is to provide persistent data storage and retrieval in support of the user-to-online-buying transactional interaction.

Customer-related data that is stored is relevant to the specific business interaction, for example, the shopping cart and shipping address information. Some sites are registering users and storing customer profile data such as address, clothing sizes, preferences, and gift wish lists that others can access when buying presents. Most sites today do not store credit card information on this server for security reasons.

Also stored here is the product and catalog information used to dynamically build HTML pages for presentation during the shopping process.

The mode of DB access is perhaps the most important factor determining the performance of this Web application, in all but the simplest cases. The recommended approach is to collapse the DB accesses into a single call or very few calls. This can be achieved by coding and invoking stored procedure calls on the database. Typically, many commerce servers share only one database server in a high-volume site, so the technology used to implement this node must be able to scale vertically.