Create SOA governance solutions with WebSphere Service Registry and Repository and Tivoli Composite Application Manager for SOA, Part 1: Monitor and control the run time

Learn how to monitor and control run time SOA implementations using IBM® WebSphere® Service Registry and Repository and Tivoli® Composite Application Manager for SOA. This article demonstrates how you can identify rogue services, determine the impact to your business process when a service degrades, and dynamically route requests to the best service endpoint. Part 2 shows how to implement dynamic endpoint selection based on performance metrics.


Rohit Badlaney (, Advisory Software Engineer, IBM

Rohit Badlaney photoRohit Badlaney is an Advisory Software Engineer at IBM in RTP, North Carolina. He is the QA Lead for ITCAM for SOA. You can reach Rohit at

Laura Olson (, Certified Consulting IT Specialist, WebSphere Service Registry and Repository, IBM

Laura OlsonLaura Olson is a Certified Consulting IT Specialist at IBM in Rochester, Minnesota. She specializes in SOA governance. You can reach Laura at

Selorm Agudu (, SOA Specialist and Evangelist, IBM

Selorm Agudu photoSelorm Agudu is an SOA Specialist and Evangelist at IBM. You can reach Selorm at

07 January 2009


SOA gives you the ability to be more agile and resilient as your business changes. However, with the agility and resilience comes complexity. As a result, governance is critical to realizing the full potential of SOA. For successful SOA, you need to have an SOA run time governance solution. An effective solution allows you to govern your SOA from all perspectives, from initial design to run time. This includes:

  • Managing a service and its related artifacts throughout the service’s life cycle from inception to retirement
  • Monitoring and managing what is happening in the run time environments
  • Pro-actively reacting to situations before they become a crisis
  • Authoring and enforcing policies during design, change and run times

This article shows you how to create a robust SOA run time governance solution using WebSphere Service Registry and Repository V6.2 (hereafter referred to as Service Registry), WebSphere Process Server V6.1.2 (hereafter referred to as Process Server), and IBM Tivoli Composite Application Manager for SOA V7.1 (hereafter referred to as ITCAM for SOA). It is intended for architects and specialists who are working in SOA environments and have a basic understanding of SOA governance.

The article introduces Service Registry and ITCAM for SOA. It describes three governance scenarios: identification of rogue services, business impact analysis, and dynamic endpoint selection. Part 2 shows how to implement dynamic endpoint selection and introduces additional governance scenarios, such as automatic enforcement of service level agreements (SLAs) using workflows and service reporting.

To illustrate the capabilities of this integrated solution, we use a SimpleOpenAccount business process application (see Downloads) that was developed with WebSphere Integration Developer V6.1.2 (hereafter referred to as Integration Developer). We registered the VerifyCredit services, which the process invokes, with the Service Registry. We used ITCAM for SOA V7.1 to monitor and manage this application running in Process Server V6.1.2. To run the sample, you need to install:

  • IBM Tivoli Composite Application Manager for SOA V7.1
  • WebSphere Service Registry and Repository V6.2
  • ITCAM for SOA Event Handler for WebSphere Service Registry and Repository - Support Pac 4
  • WebSphere Process Server V6.1.2
  • WebSphere Integration Developer V6.1.2

The SOA run time governance solution

With a top-down approach to SOA, you identify discrete business tasks that may be candidates to become a service. You need a service registry to search if there is already a service that meets the requirements of the candidate service. If there is a match you need to be able to know who the owner is, the life cycle state of the service, how many service versions are deployed, and how that service is performing. If there are no services that meet the requirements then you need to register this candidate service and begin its life cycle.

As services move into production, there is a critical need to control and govern any SOA implementations that do not work as designed. Organizations must have SOA monitoring solutions that monitor production services, identify rogue services, and populate the registry with metadata about service level agreements and performance metrics. The sections below explain how Service Registry and ITCAM for SOA support these requirements.

Figure 1 depicts SOA run time governance solutions. The solution may consist of one or more enterprise service buses. This article focuses on WebSphere Enterprise Service Bus (hereafter referred to as WebSphere ESB), part of Process Server.

Figure 1. IBM SOA run time governance solution
IBM SOA run time governance solution

End-to-end service governance (Service Registry)

Service Registry is a robust, integrated registry and repository, where all SOA artifacts associated with the run time aspects of a service and the metadata about those artifacts are stored and governed. It serves as the authoritative source for SOA artifacts throughout the life cycle from model to assemble, deploy, manage, and eventually retirement. Service Registry is optimized for the run time environment to enable dynamic endpoint selection. It enables the run time to apply policies that are authored, attached and governed in Service Registry, and ensures that proper subscriptions are in place to invoke a service. Later in this article we show how performance metrics from ITCAM for SOA are published to the Service Registry and then used by Process Server to make a dynamic endpoint selection. This gives us end-to-end governance of a service.

The Service Registry enables you to define custom life cycles for SOA artifacts. The life cycle is a state machine that is enforced by a validation framework. This allows you to assign policies that validate the artifacts and determine if the transition to the next life cycle state should occur. It also allows you to specify notifications when the transition occurs. For example, this notification can be an email or it can invoke an external process. Figure 2 shows an example of a service life cycle.

Figure 2. Service life cycle
Service life cycle

Service Registry provides a prescriptive practice for service versioning and service subscription. As your service evolves you will need to maintain all service version life cycles both from a design and operational perspective. For example, you may need to have both service versions operational for a given period of time until all consumers of the service can migrate to a newer version. Figure 3 shows the service version life cycle. Service subscriptions enable you to know who is using the services, which helps in capacity planning for the service.

Figure 3. Service version life cycle
Service version life cycle

Service Registry provides graphical navigation and impact analysis. Figure 4 depicts a graphical analysis of the VerifyCredit service which was registered in the Service Registry as part of the integration demo. There are two versions of the VerifyCredit service and a subscription to service version 1.0. You can also see the artifacts associated with service version 1.0.

Figure 4. Impact analysis of the VerifyCredit service
Impact analysis of the VerifyCredit service

Service Registry provides visibility to the parts within the SOA documents, such as Web Service Definition Language (WSDL), XML Schema Definition (XSD), WS-Policy, and Service Component Architecture (SCA). It parses these artifacts into their logical constructs such as:

  • Services, port types, ports, operations, and messages for WSDL documents
  • Complex type, simple type, element, and attributes for XSD documents

This enables you to easily locate and reuse parts, such as a business object described in an XSD, without having to know the physical file name first. .

We've just touched on a small subset of the Service Registry capabilities. For more information on Service Registry, see Resources.

End-to-end SOA monitoring (ITCAM for SOA)

ITCAM for SOA provides monitoring and management of services and mediations in an SOA environment. It monitors a wide variety of metrics on a large number of application server run time environments and enterprise services buses (including WebSphere ESB, WebSphere DataPower SOA Appliance, and WebSphere Message Broker, hereafter referred to as Message Broker). It also manages mediations in WebSphere ESB.

For supported environments, ITCAM for SOA monitors and performs simple control of message traffic between Web services in the SOA. It relies on a distributed network of data collectors to feed data into IBM Tivoli Monitoring for analysis and management. ITCAM for SOA uses the term services to describe both Web services and other services with well-defined interfaces. Because the definition of a service from an SOA perspective is fairly broad, ITCAM for SOA defines its scope through support for the application server run time environments that host the services.

ITCAM for SOA works in concert with other products to support the logical services management layer in a complete SOA management solution, and to manage the resources that support the services and the ESB layer. All three IBM ESB offerings — WebSphere Enterprise Service Bus, WebSphere Datapower SOA Appliance, and Message Broker — are supported. ITCAM for SOA focuses on discovery and monitoring of services in a wide range of application server runtime environments that are most common in early SOA adoption projects, such as Microsoft® .NET connection software, BEA® WebLogic® server, WebSphere Application Server, CICS® Transaction Server and others. ITCAM for SOA supports production IT environments in key areas of operation, such as status and situation generation.

ITCAM for SOA processes correlation information from the message traffic. The information is used to display topology views in Tivoli Enterprise Portal, and to display pattern and sequence views in the Web Services Navigator. This navigator is an additional graphic display tool provided with ITCAM for SOA to help you analyze your services and interactions between operations.

Run time monitoring (workspaces, metrics and operational flows)

When service requests are processed by an application server or enterprise service bus, ITCAM for SOA dynamically discovers the services and SCA components. Using a set of predefined Tivoli Enterprise Portal workspaces, you can view the services and their metrics (such as response time, number of messages, message sizes, and faults) that have been discovered in your environment. Two of the predefined workspaces are shown in Figure 5 and Figure 6.

Figure 5. Performance summary workspace
Performance summary workspace
Figure 6. Message summary workspace
Message summary workspace

ITCAM for SOA can also discover your service flows dynamically. The service flows are displayed graphically in Operational Flow workspaces (which are also referred to as service-to-service topology workspaces). The Operational Flow workspaces help your operations staff perform SOA diagnostics and root/cause analysis related to your SOA environment. You can drill down into the run time monitoring products from Tivoli to debug issues with your run time application server and ESB environments like Process Server and Message Broker.

Figure 7 shows the service flow of the sample SimpleOpenAccount application. The application consists of a business process, SCA components and three back-end Web service endpoints. The gear icons represent individual operations and the magenta gear icons with pipes represent SCA mediations (components, imports and exports). See the ITCAM for SOA User's Guide for more details on the icons and what they represent.

Figure 7. Operational flow workspace
Operational flow workspace

If you hover your mouse over any of the icons in an Operational Flow workspace, a tooltip displays details on what that icon represents. Figure 8 shows tooltip text for an SCA mediation operation aggregate.

Figure 8. Tooltip for SCA mediation operation
Tooltip for SCA mediation operation

The Interaction Details view is the lower view of the Operational Flow workspace in Figure 10. Instead of showing the operation instances for an entire service flow, it shows you the instances for the selected operation and the callers and target instances of that operation. For each operation instance, you can see where the instance is deployed and its status, which is based on the situations that are open for an operation instance. Figure 9 shows the tooltip for the verifyCredit SCA mediation instance in the Interaction Details view. The tooltip indicates that the mediation instance is deployed on the WebSphere Application Server on the computer. It also shows that the ResponseTimeCritical_610 situation is open for this mediation operation instance and the situation’s status is Critical.

Figure 9. Tooltip for SCA mediation instance
Tooltip for SCA mediation instance
Figure 10. Interaction Details view
Interaction Details view

If you hover your mouse over any of the relationships between icons you see details about the metrics for that relationship. Figure 11 shows an example of tooltip text for call relationship metrics. The metrics can be viewed in graphical or tabular format.

Figure 11. Tooltip for call relationship metrics
Tooltip for call relationship metrics

For more details about the Operational Flow workspaces refer to the ITCAM for SOA User's Guide.

The integrated demo application

The SimpleOpenAccount application is a business process running in Process Server. It accepts a customer’s information and simulates opening a client account. See Download for a project interchange file and a readme file for deploying the application.

As shown in Figure 12, part of the business process does a credit check on the customer. The process calls out to the DynamicServiceSelection mediation module, which selects between three available credit-check services. All three service endpoints implement the VerifyCredit interface for uniformity. The three services are published in Service Registry for discovery by WebSphere ESB.

Figure 12. SimpleOpenAccount business process
SimpleOpenAccount business process

Governance scenario 1:  Identify rogue services

In an ideal SOA environment all production services should be registered in Service Registry. Through its integration with the Service Registry, ITCAM for SOA can identify rogue services in your environment. The product includes a set of Tivoli Enterprise Portal views that help operations staff and subject matter experts identify services that have been deployed to application servers but that are not in Service Registry.

ITCAM for SOA includes a set of Discovery Library Adapters (DLAs) that can discover services stored in Service Registry as well as services observed by the ITCAM for SOA data collectors. These DLAs create XML files that describe the discovered services and that are loaded into the Tivoli Common Object Repository (TCORE) database of ITCAM for SOA. The TCORE data is used to display the list of observed vs. registered services. The DLAs can be scheduled to run using your operating system scheduler facilities. See ITCAM for SOA User's Guide for more details on DLAs shipped with ITCAM for SOA.

Figure 13. Service Registry integration: Discovery of registered and observed services
Service Registry integration: Discovery of registered and observed services

Figure 14 depicts the Services Overview table. This table shows the result of discovering our sample SimpleOpenAccount application by running the Service Registry and ITCAM for SOA DLAs. The Services Overview table shows the registered vs. the observed services in our environment and helps the operations staff and architects take appropriate action to ensure SOA run time governance. Figure 14 also illustrates the use of a custom workspace to access the Service Registry user interface.

Figure 14. Identifying rogue services
Identifying rogue services

Governance scenario 2: Impact analysis of business processes

ITCAM for SOA can identify and show the impact to a business process when services degrade. It provides a set of predefined Tivoli Enterprise Portal views that show the relationship between your services and business processes. The data for these views is obtained by running the Business Process Execution Language (BPEL), ITCAM for SOA and Service Registry DLAs and loading the information into the TCORE database. For the sample SimpleOpenAccount application, we ran the three DLAs using the Windows scheduler.

Figure 15 shows the Services Overview table containing a list of observed vs. registered services. You can select a service in this table and then choose to display the set of business processes that the service participates in.

Figure 15. Selecting a service
Selecting a service

Figure 16 shows the Business Process Details view which illustrates, in graphical format, the services that are used by the SimpleOpenAccount business process.

Figure 16. Displaying the business processes for a service
Displaying the business processes for a service

ITCAM for SOA can also show the set of business processes that a service participates in (using the Operational Flow workspaces). Again, this is done by using the DLAs that come with the product. Figure 17 shows how to display the set of business processes for an operation aggregate in the Operational Flow workspace.

Figure 17. Displaying business process impact
Displaying business process impact

Governance scenario 3:  Dynamic endpoint lookup based on SLA information

A key part of SOA run time governance is the ability to dynamically affect routing decisions by the ESB based on real-time performance monitoring information. ITCAM for SOA can send performance information to the Service Registry directly or through one of the IBM Tivoli event servers such as Tivoli Enterprise Console and Tivoli Netcool/OMNIbus. This performance information is used to update the service metadata, through the ITCAM for SOA Event Handler for Service Registry (hereafter called Event Handler). This way, an enterprise service bus (either WebSphere ESB, WebSphere DataPower, or Message Broker) can make dynamic run time decisions about the health of service endpoints. See Resources for more details on the Event Handler.

Figure 18. Flow for dynamic endpoint lookup
Flow for dynamic endpoint lookup

In our sample application a custom property Status has been added to the metadata of all three service endpoints in the Service Registry. The property is set to available by default. On receiving a credit check request, the verifyCredit SCA mediation in Process Server queries the Service Registry for all services that implement the VerifyCredit interface and that have the Status property set to available. An endpoint from the returned set is selected at random to process the request.

ITCAM for SOA monitors the service traffic and generates a situation event when service requests for services that implement the VerifyCredit interface exceed a five-second threshold (average response time). The situation event is forwarded to Event Handler, which changes the value of the Status property for the affected service endpoint from available to unavailable. Any subsequent credit-check requests will not use this endpoint when Service Registry is queried by the verifyCredit SCA mediation. When the average response time drops below the five-second threshold, the situation event closes. ITCAM for SOA forwards the closed event to Event Handler, which sets the value of Status property back to available. This makes the endpoint eligible again for processing future credit-check requests. Figure 19 shows the metadata properties in Service Registry for ExterianVerifyCreditEndpoint when the Status property is set to unavailable.

Through this dynamic updating of service metadata, the infrastructure ensures that only services that meet an acceptable response-time goal are used for servicing incoming requests. This functionality can be used to extend the flexibility of an SOA infrastructure that uses multiple services by ensuring that only services meeting certain SLA criteria are used for specific requests. This is useful for customer segmentation and other customer satisfaction applications.

Figure 19. Metadata data properties for a service endpoint
Metadata data properties for a service endpoint


In this article we described why SOA run time governance is needed and how an integrated solution consisting of Service Registry, ITCAM for SOA, and an enterprise service bus is both powerful and effective. We introduced the capabilities of both Service Registry and ITCAM for SOA. We then used the sample SimpleOpenAccount business process application to illustrate the solution for three governance scenarios: identifying rogue services, analyzing the impact of services on business processes, and dynamically selecting endpoints based on SLA information. Part 2 shows how to enable smart run time decisions based on information gathered by ITCAM for SOA and stored in the Service Registry.


Project Interchange fileSimpleOpenAccount.zip6.8MB
Readme filereadme.doc900KB



Get products and technologies


developerWorks: Sign in

Required fields are indicated with an asterisk (*).

Need an IBM ID?
Forgot your IBM ID?

Forgot your password?
Change your password

By clicking Submit, you agree to the developerWorks terms of use.


The first time you sign into developerWorks, a profile is created for you. Information in your profile (your name, country/region, and company name) is displayed to the public and will accompany any content you post, unless you opt to hide your company name. You may update your IBM account at any time.

All information submitted is secure.

Choose your display name

The first time you sign in to developerWorks, a profile is created for you, so you need to choose a display name. Your display name accompanies the content you post on developerWorks.

Please choose a display name between 3-31 characters. Your display name must be unique in the developerWorks community and should not be your email address for privacy reasons.

Required fields are indicated with an asterisk (*).

(Must be between 3 – 31 characters.)

By clicking Submit, you agree to the developerWorks terms of use.


All information submitted is secure.

Dig deeper into Business process management on developerWorks

Zone=Business process management, WebSphere
ArticleTitle=Create SOA governance solutions with WebSphere Service Registry and Repository and Tivoli Composite Application Manager for SOA, Part 1: Monitor and control the run time