SOAP

From Wikipedia, the free encyclopedia

Jump to: navigation, search

SOAP, originally defined as Simple Object Access Protocol, is a protocol specification for exchanging structured information in the implementation of Web Services in computer networks. It relies on Extensible Markup Language (XML) as its message format, and usually relies on other Application Layer protocols (most notably Remote Procedure Call (RPC) and HTTP) for message negotiation and transmission. SOAP can form the foundation layer of a web services protocol stack, providing a basic messaging framework upon which web services can be built.

As a layman's example of how SOAP procedures can be used, a SOAP message could be sent to a web service enabled web site (for example, a house price database) with the parameters needed for a search. The site would then return an XML-formatted document with the resulting data (prices, location, features, etc). Because the data is returned in a standardized machine-parseable format, it could then be integrated directly into a third-party site.

The SOAP architecture consists of several layers of specifications for message format, message exchange patterns (MEP), underlying transport protocol bindings, message processing models, and protocol extensibility. SOAP is the successor of XML-RPC, though it borrows its transport and interaction neutrality and the envelope/header/body from elsewhere (probably from WDDX).[citation needed]

The Internet Protocol Suite
Application Layer
BGP · DHCP · DNS · FTP · GTP · HTTP · IMAP · IRC · Megaco · MGCP · NNTP · NTP · POP · RIP · RPC · RTP · RTSP · SDP · SIP · SMTP · SNMP · SOAP · SSH · Telnet · TLS/SSL · XMPP · (more)
Transport Layer
TCP · UDP · DCCP · SCTP · RSVP · ECN · (more)
Internet Layer
IP (IPv4, IPv6) · ICMP · ICMPv6 · IGMP · IPsec · (more)
Link Layer
ARP · RARP · NDP · OSPF · Tunnels (L2TP) · Media Access Control (Ethernet, MPLS, DSL, ISDN, FDDI) · Device Drivers · (more)

Contents

[edit] History

SOAP once stood for 'Simple Object Access Protocol' but this acronym was dropped with Version 1.2 of the standard.[1] Version 1.2 became a W3C recommendation on June 24, 2003. The acronym is sometimes confused with SOA, or Service-oriented architecture; however SOAP is quite different from SOA.

SOAP was originally designed by Dave Winer, Don Box, Bob Atkinson, and Mohsen Al-Ghosein in 1998, with backing from Microsoft (where Atkinson and Al-Ghosein worked at the time), as an object-access protocol. The SOAP specification is currently maintained by the XML Protocol Working Group of the World Wide Web Consortium.

[edit] Transport methods

SOAP makes use of an Internet application layer protocol as a transport protocol. Critics have argued that this is an abuse of such protocols, as it is not their intended purpose and therefore not a role they fulfill well. Proponents of SOAP have drawn analogies to successful uses of protocols at various levels for tunneling other protocols.[citation needed]

Both SMTP and HTTP are valid application layer protocols used as Transport for SOAP, but HTTP has gained wider acceptance as it works well with today's Internet infrastructure; specifically, HTTP works well with network firewalls. SOAP may also be used over HTTPS (which is the same protocol as HTTP at the application level, but uses an encrypted transport protocol underneath) with either simple or mutual authentication; this is the advocated WS-I method to provide web service security as stated in the WS-I Basic Profile 1.1. This is a major advantage over other distributed protocols like GIOP/IIOP or DCOM which are normally filtered by firewalls. XML was chosen as the standard message format because of its widespread use by major corporations and open source development efforts. Additionally, a wide variety of freely available tools significantly eases the transition to a SOAP-based implementation.

The somewhat lengthy syntax of XML can be both a benefit and a drawback. While it promotes readability for humans, facilitates error detection, and avoids interoperability problems such as byte-order (Endianness), it can retard processing speed and be cumbersome. For example, CORBA, GIOP, ICE, and DCOM use much shorter, binary message formats. On the other hand, hardware appliances are available to accelerate processing of XML messages.[2][3] Binary XML is also being explored as a means for streamlining the throughput requirements of XML.

[edit] Technical critique

Numerous commentators and specialists[citation needed] have discussed the technical advantages and disadvantages of SOAP relative to alternative technologies and the context of its intended use.

[edit] Advantages

  • Using SOAP over HTTP allows for easier communication through proxies and firewalls than previous remote execution technology.
  • SOAP is versatile enough to allow for the use of different transport protocols. The standard stacks use HTTP as a transport protocol, but other protocols are also usable (e.g., SMTP).
  • SOAP is platform independent.
  • SOAP is language independent.

[edit] Disadvantages

  • Because of the verbose XML format, SOAP can be considerably slower than competing middleware technologies such as CORBA. This may not be an issue when only small messages are sent.[4] To improve performance for the special case of XML with embedded binary objects, Message Transmission Optimization Mechanism was introduced.
  • When relying on HTTP as a transport protocol and not using WS-Addressing or an ESB, the roles of the interacting parties are fixed. Only one party (the client) can use the services of the other. Developers must use polling instead of notification in these common cases.
  • Most uses of HTTP as a transport protocol are done in ignorance of how the operation would be modelled in HTTP[citation needed]. This is by design (with analogy to how different protocols sit on top of each other in the IP stack) but the analogy is imperfect (because the application protocols used as transport protocols are not really transport protocols). Because of this, there is no way to know if the method used is appropriate to the operation. This makes good analysis of the operation at the application-protocol level problematic at best with results that are sub-optimal (if the POST-based binding is used for an application which in HTTP would be more naturally modelled as a GET operation). The REST architecture has become a web service alternative that makes appropriate use of HTTP's defined methods.
  • When relying on HTTP as a transport protocol a firewall designed to only allow web browsing cannot simply allow all HTTP-using packets; instead it has to perform more detailed (and thus less efficient) analysis of the HTTP packages.

[edit] See also

[edit] References

[edit] External links

Personal tools