A forum to ask questions about WSRR.
The Wikipedia page for WSRR.
Welcome to my Service Registry blog. In my role as a developer for the WebSphere Service Registry and Repository (WSRR) product, I am often asked a variety of questions about how to use WSRR, when to use it and why. A lot of these questions are very interesting and prompt some digging from me, and so I wanted a place to put the answers I discover. This is what this blog is for.
As per the IBM Social Computing Guidelines, I identify myself as David Seager. My role is a developer on the WSRR product in the Hursley lab in the United Kingdom. The postings on this site are my own and don't necessarily represent IBM's positions, strategies or opinions.
For this first post, I'll outline some online resources that I am aware of for WSRR, in no particular order.
This is a wiki hosted on developerWorks, the goal of which "...is to be a portal for all resources related to WSRR, to help spread information and knowledge about the product".
This is the dW page which lists all the WSRR articles posted on developerWorks. Most articles written about WSRR are posted on developerWorks, so this library is a valuable resource for learning.
developerWorks WSRR Forum
A forum to ask questions about WSRR.
Wikipedia entry for WSRR
The Wikipedia page for WSRR.
Image from developerWorks article "Best practices for BPM and SOA performance".
How does WSRR work with external security directories, such as LDAP, Tivoli Directory Server or Active Directory?
WSRR runs on a WebSphere Application Server (WAS), and it uses the WAS security layer, so whichever directory you wish to use, you configure in the WAS server. Essentially you secure your WAS server and enable Application Security, so WAS requires the user to be from whatever security provider you configure. Once your user logs onto WAS, they are then authenticated with WAS and they can access WSRR with those credentials.
A WSRR administrator then of course needs to map certain users or groups from the security provider to the two WSRR J2EE roles: Administrator and User. Otherwise users cannot log into WSRR at all. I'd recommend mapping groups because then you can manage user memberships on your LDAP server, rather than having to tweak users around from the WAS Administration Console. Mapping users and groups to J2EE roles for the WSRR application is done in the WAS Admin Console. See the following infocenter page for info:
If you need the Role Based Security that WSRR itself enforces, then in the WSRR Web UI you map users or groups to WSRR Roles. Again I'd recommend mapping groups to these roles. See this page for more details:
How does governance work in WSRR? Governance means controlling your services through their life cycle, from the initial conception to being deployed into production, and then deprecated and finally retired from use.
WSRR comes with a profile which contains models, life cycles and policies which show a recommended practice of how to manage services. This profile is called the "Governance Enablement Profile" or "GEP" for short.
Some common questions answered by governance are:
WSRR will model both sides of a Service relationship; the provider of a service, who codes and runs the service somewhere, as well as the consumer of a service, who is using the service to provide function for their application.
Now luckily there is a great introduction to the GEP in the WSRR Information Center, which goes into a lot more detail about how the various objects, life cycles and policies interact to allow you to model Services in WSRR.
Image from the WSRR V8.0 Infocenter.
DavidSeager 110000C5XS Tags:  wsrr datapower soa registry websphere service integration repository 10,177 Views
New in DataPower 5.0 is the feature to attach DataPower mediation policies to things in WSRR, and have DataPower enforce these polices. What can such mediation policies say? They "...can express conditions based on traffic management requirements (for example, QoS or SLM policies), routing directives and schema validation, and invoking data translation stylesheet maps". For example, they can say a web service can only be invoked 5 times per second, and to reject any messages which come in over that. The dW article "SOA governance using WebSphere DataPower and WebSphere Service Registry and Repository, Part 1: Leveraging WS-MediationPolicy capabilities" describes what is possible with mediation policies, how to author these policies in WSRR 8.0, IBM Integration Developer or the DataPower Web GUI.
What this article does not detail is that in WSRR V8.0 you can attach such mediation policies to objects in WSRR which represent the non-functional attributes of a service, either the Service Level Definition (SLD) which describes the service itself, or the Service Level Agreement (SLA) between a service and its consumer. The SLA represents how much of the service a consumer has agreed to use, and so you can add a policy which actually enforces this in DataPower. For example, that a service consumer can only use a service during 9am-5pm weekdays, or only send 10 messages a second.
The new parts of the article, specifically part 3, shows how to use the new WS-MediationPolicy capabilities in WSRR to author specific Service Level Agreements, which you can enforce on the DataPower appliance without manually creating the XSLT or processing rules and actions.
A practical demonstration of the policy enforcement integration is shown in "Using WebSphere Service Registry and Repository V8 and DataPower V5 for service level mediation policy enforcement" which provides a sample web service and instructions on how to register it in WSRR and DataPower, then steps to demonstrate policy enforcement.
Finally, there is an IBM Redbook which covers all of this integration between WebSphere DataPower and WebSphere Service Registry and Repository. The Redbook is called "SOA Policy, Service Gateway, and Service Level Agreement (SLA Management)".
Image from developerWorks article "Enforcing SOA message security policy with WebSphere Service Registry and Repository and WebSphere DataPower".
DavidSeager 110000C5XS Tags:  websphere soa registry wsrr datapower repository policy service ffash demos 5,240 Views
Recently I posted some demonstrations of Service Registry and Repository onto YouTube. The first set show off the Policy features of WSRR: policy authoring, attaching to things in WSRR, promoting to different runtime environments and finally how WebSphere DataPower can use the policies in WSRR. As discussed in my post about DataPower, DataPower will pick up policies attached to Service Level Definitions and Service Level Agreements and use what those policies say to enforce access to a web service. That means you can change how a service is used, how much traffic it will accept, all from inside WSRR, without touching DataPower once the initial subscriptions are set up.
First up is a demo showing authoring policies in the WSRR Business Space interface: