Note: This profile has been updated as of 26 August, 2005. The second draft of this profile was renamed to the Reliable Asynchronous Messaging Profile (RAMP) 1.0. See Resources for links to the updated profile and introductory material related to the new profile.
The Web Services Interoperability Organization (WS-I -- see Resources) was created to help promote cross-language and cross-platform interoperability when using Web services as a software integration technology. WS-I has released its Basic Profile (BP) (see Resources) and is actively working on its Basic Security Profile (BSP) (see Resources). These profiles go a long way toward improving interoperability in many different scenarios.
However, in order to ensure that its profiles lead to broad interoperability, WS-I requires a very high level of industry consensus on which Web services specifications it will include in its profiles and looks for broad support of those specifications through implementation in products such as application development tools, middleware, and solution components. Because the industry has not yet reached consensus on some of the advanced Web services specifications, it could be some time before WS-I incorporates them into its profiles.
In order to better understand when Web services will be applied and how the technology will be applied, the IBM team of Basic B2B Profile authors have been working in collaboration with our clients. Through these efforts, we have identified some common patterns of Web services usage. One such pattern is that of business-to-business interaction between enterprises, otherwise known as B2B.
Many B2B scenarios require more functionality than what the current set of WS-I profiles provides. Specifically, two types of functionality that are currently not supported by any of the WS-I profiles, yet are required for many B2B scenarios, are asynchronous message exchange patterns, and reliable delivery of messages. The WS-Addressing specification provides the former, and the WS-ReliableMessaging specification provides the latter. These two specifications, together with the WS-I Basic Profile and Basic Security Profile, make up the basis of the guidance provided by the IBM Basic B2B Profile, which should enable the use of Web services to satisfy the requirements of most basic B2B integration scenarios.
It should be clearly noted that this work is not intended to compete with the work of WS-I. Quite the contrary, work on this profile can lay the groundwork for possible future WS-I profiles. It is the express intent of IBM that anyone, including WS-I be free to take this work and expand or refine it as they see fit.
Focus on client and industry requirements
In our independent collaborations with our clients, IBM has gained an understanding of the potential uses for Web services and of the interoperability requirements which must be satisfied if this potential is to be realized. Together with our clients, we have investigated the use cases which developers need to implement, the open Web services standards required to implement these use cases in an interoperable fashion, and the specific aspects of those open standards which are key as these use cases are implemented.
One of the most compelling use cases we have identified thus far is that of providing supply chain integration between business partners using Web services. This use case has broad applicability many industries, so we have chosen to focus initially on the base requirements for enabling B2B integration using Web services.
Given the broad adoption of the WS-I profiles, we found it useful to express the requirements of a use case such as B2B supply chain integration using the same approach taken by WS-I -- developing a profile and corresponding usage patterns. In addition to making this material more understandable to readers, we hope our use of the WS-I approach and templates will reduce the re-work which must be done when WS-I adopts this material as a contribution and begins work on WS-I profiles addressing this functional space.
Industry support for the profile
Through discussions with our clients, it became clear that the IBM Basic B2B Profile has applicability within the automotive industry, particularly, but not exclusively, within the supply chain integration space. All three clients explained to us their need to improve integration, both within their businesses and between their business and their partners. We see the IBM Basic B2B Profile as a solid step toward addressing these requirements believe that its applicability will extend beyond the automotive industry into finance, healthcare, and many other industries. The B2B Profile is being developed so that other more comprehensive profiles can be developed which reference the IBM Basic B2B Profile and extend its scope.
The IBM Basic B2B Profile is being developed using the same set of guiding principles that are being used for the WS-I profiles. The primary motivation is to improve the potential for interoperability by constraining optionality of the underlying specifications and providing guidance as to how the various specifications compose with each other.
Just as with the WS-I profiles, the IBM Basic B2B Profile has a scope that is defined by the set of referenced specifications. The profile attempts to improve interoperability within its own scope by constraining optional features of the referenced specifications, clarifying ambiguities in the referenced specifications, and providing guidelines for use of the referenced specifications, especially in conjunction with one another. The profile does not impose constraints on that which is out of the scope of the profile.
The scope of the IBM Basic B2B Profile is as follows (see Resources for links):
- Basic Profile 1.1
- Basic Security Profile 1.0
- WS-Addressing (W3C Member Submission 10 August 2004)
- WS-Reliable Messaging (February 2005)
In the case of the IBM Basic B2B Profile, two of the referenced specifications in its scope are, in fact, profiles themselves: the WS-I Basic Profile and Basic Security Profile. These provide the underlying messaging, description, and discovery framework basic to all Web services and the message-level security characteristics necessary for many B2B integration scenarios.
The WS-Addressing specification adds the functionality necessary to enable the types of message exchange patterns demanded by B2B integration scenarios. The WS-Reliable Messaging specification adds the reliable delivery semantics required for many B2B integration scenarios.
Constraining the underlying profiles
In developing the IBM Basic B2B Profile, we had initially intended to leverage the referenced WS-I profiles "as-is." However, as we analyzed the client requirements, it became clear that the derivative profile might improve interoperability by further constraining the underlying profiles.
Constraining the Basic Profile
One of the complaints that has been raised by some with regards to the WS-I Basic Profile is that it doesn't go far enough in reducing choice -- specifically, that it permits use of either rpc-literal or document-literal style Web services. Many have suggested that WS-I should have chosen one or the other, and more specifically, that it should have chosen document-literal as the exclusive style of describing a Web service.
The client requirements for use of Web services in the context of B2B interactions within the Automotive community are for use of document-literal style, using the Open Applications Group (OAGIS) BODs. Thus, the profile constrains the referenced WS-I Basic Profile by eliminating the option of using the rpc-literal WSDL authoring style. It is hoped that this constraint of the Basic Profile will help improve interoperability.
Although the profile constrains against use of the rpc-literal style, the profile does provide a definition for the document-wrapped WSDL style, a commonly used pattern for describing what amounts to an RPC using the document-literal style.
Constraining the Basic Security Profile
Although WS-I is still working on finalizing the Basic Security Profile, there is one aspect of the BSP that needed to be further constrained -- the choice of encryption algorithm. The BSP permits use of either RSA 1.5 or RSA Optimal Asymmetric Encryption Padding (OAEP) algorithms. The IBM Basic B2B Profile constrains that choice to the more widely implemented RSA 1.5.
As we get more experience and feedback, we might find it necessary to further constrain the BSP.
While every effort was made to abide by the guidance of the underlying referenced profiles, the fact remains that certain requirements of the Basic Profile proved too constraining. Specifically, WS-I Basic Profile requirements R2714 and R2750 state that the HTTP response message to a one-way operation must have an HTTP response code of "2xx" with an empty entity body, and that the receiver must ignore any SOAP envelope present in the entity body of an HTTP response message. In the context of Web services using WS-Reliable Messaging, certain usage patterns might require a SequenceAcknowledgement to be returned in the HTTP response message (for example, when the RM Source is hidden behind a firewall). In the context of a one-way message, the practice of returning a SequenceAcknowledgement would normally be disallowed by the WS-I Basic Profile. Thus, it was necessary that the IBM Basic B2B Profile explicitly permit this, overriding the constraints imposed by the Basic Profile.
Adding support for asynchronous messaging
While the WS-I Basic Profile enables certain forms of asynchronous message exchange patterns, such as defined in the basic callback usage scenario, it does not specify the means by which the addressing information must be expressed, leaving that to the use of extensibility points.
With the submission of the WS-Addressing specification to the W3C last summer, the industry seems to be coming to a consensus as to the means by which addressing information will be expressed as SOAP header blocks. Thus, the choice of which Web services specification to include in the scope of the profile to address the functional requirements related to asynchronous message exchange patterns was fairly straight-forward.
The profile specifies requirements as to which of the WS-Addressing elements are required to be present in every message (wsa:To, wsa:From, wsa:Action, wsa:MessageId), and which messages must have a soap:mustUnderstand attribute with a value of "1" (wsa:ReplyTo). Additionally, it specifies when it is appropriate to include a wsa:ReplyTo SOAP header block.
An additional requirement has been added that clarifies the expectations in the context of a request message with a wsa:ReplyTo. Specifically, the HTTP response message might be empty (because the response message is intended to be sent to the endpoint specified in the wsa:ReplyTo, instead of being carried in the HTTP response message) and might carry a 202 HTTP response code.
Finally, the profile addresses the composition of WS-Addressing and WS-Security (BSP) by indicating which of the WS-Addressing SOAP header blocks should be digitally signed to protect the integrity of the message.
What about the W3C WS-Addressing specification?
As the work of the W3C Web Services Addressing Work Group progresses toward Recommendation status, we intend to replace the reference to the WS-Addressing Member Submission with the specification(s) produced by the W3C once they reach either Candidate or Proposed Recommendation status.
Adding support for WS-ReliableMessaging (WS-RM)
The choice of a specification to satisfy the reliable messaging requirements for B2B supply chain integration was not as easy, because there are at least two notable specifications from which to choose -- the WS-Reliability OASIS Standard and the WS-ReliableMessaging specification. Ultimately, the decision was made to go with WS-ReliableMessaging because it has been specifically designed to compose with WS-Addressing and WS-Security (as well as a number of other WS-* specs) and because IBM is one of the principle authors of the specification. (In all candor, I am the IBM technical lead and co-editor of the WS-ReliableMessaging specification, so I might be a little biased).
As with WS-Addressing, the profile provides guidance as to which of the WS-RM elements must include a soap:mustUnderstand attribute with a value of "1" (wsrm:Sequence). It also provides guidance as to how the specification should be used in composition with WS-Addressing by constraining against the use of the WS-Addressing Anonymous URI for the wsa:ReplyTo SOAP header block's value in the context of an input (request) message of an operation that is using WS-RM for both the request and response messages of the operation.
Finally, the profile adds guidance regarding composition with WS-Security (BSP) by specifying which of the WS-RM elements need to be digitally signed along with the contents of the SOAP Body, ensuring the integrity of the Sequence (wsrm:Sequence, wsrm:SequenceAcknowledgement).
The IBM Basic B2B Profile published on 4 April 2005 represents the first draft. We fully expect that as we continue to work with our clients to develop usage patterns for the profile, as we receive feedback from the pubic, and as we gain implementation experience through proof-of-concept demonstrations and interoperability testing, the profile will evolve. It is our intent that the profile be periodically updated to reflect any changes.
Ultimately, we hope that the IBM Basic B2B Profile and the usage patterns which are developed to supplement it are taken up by WS-I, revised as needed, and published in Final form by WS-I. We?re eager to see others that are working on the adoption of Web services use this work as the basis for their own (we?re eager to see the Automotive Industry Action Group (AIAG) and other industry sector organizations, such as RosettaNet, referencing the profile and usage scenarios in their work the same way organizations such as HR-XML have begun referencing the WS-I Basic Profile).
Finally, we hope this effort will contribute to Web services becoming a useful integration technology, and to that end we encourage all parties to contribute to this work through our feedback process (see Resources), and take it up to use in their products and solutions.
- RAMP Profile: Enable basic B2B integration scenarios using Web services technologies, plus much more with the new Reliable Asynchronous Messaging Profile 1.0 (formerly known as the IBM Basic B2B Profile -- August 2005).
- Introducing the RAMP Profile: Find out what changed since this profile was first published and learn about the reasons for those changes.
- Find the following profiles and specifications on developerWorks:
- Contribute comments about the IBM Basic B2B Profile by using this feeback form.
- Find the following profiles on WS-I:
- The WS-I Basic Profile 1.1 (August 2004)
- The WS-I Basic Security Profile 1.0 (August 2004)
- To learn more about WS-I, visit the IBM WS-I Portal. You'll find technical documentation, how-to articles, education, downloads, product information, and more.
- Browse for books on these and other technical topics.
- Get involved in the developerWorks community by participating in
developerWorks blogs.
- The IBM developerWorks team hosts hundreds of technical briefings around the world which you can attend at no charge.
- Want more? The developerWorks SOA and Web services zone hosts hundreds of informative articles and introductory, intermediate, and advanced tutorials on how to develop Web services applications.
Chris is an Architect with IBM's Emerging e-business Industry Architecture group. He is actively engaged in the development of Web Services and e-business standards. Chris currently represents IBM on the WS-I Basic Profile WG as editor of the Basic Profile 1.1 specification. He also represents IBM on the W3C Web Services Architecture WG and on the OASIS Technical Architecture Board. Prior to joining IBM, Chris served as chair of the Web Services Architecture WG, as Sun representative on the XML Protocols WG, and as a member of the OASIS ebXML Messaging TC. You can contact Chris at chrisfer@us.ibm.com
Table of contents
- Introduction
- Focus on client and industry requirements
- Industry support for the profile
- Philosophy of the profile
- Scope of the profile
- Constraining the underlying profiles
- Overriding the Basic Profile
- Adding support for asynchronous messaging
- Adding support for WS-ReliableMessaging (WS-RM)
- What's next?
- Resources
- About the author
- Comments
