Databases Reference
In-Depth Information
Drawbacks of gateways
Clients must explicitly target gateway
Services must be configured to only accept requests from gateways to avoid
bypassing of gateway
Service endpoints must be explicitly registered with gateway
•
•
•
Benefits of agents
Provide true end-to-end security
Cannot be bypassed by targeting the service directly
Do not require changes to clients stored in service endpoint
Potentially faster due to less latency
•
•
•
•
Drawbacks of agents
Intrusive into services to be monitored / secured
Cannot convert between transport protocols
•
•
The gateway dilemma
Note that the Service Bus can act in the role of a web services gateway, and it
supports the same policy framework as OWSM. The 11
g
OWSM gateway is not
yet available at the time of writing and the 10.1.3 gateway uses different policy
descriptions that are not compatible with 11
g
. If a gateway is to be used, then a
choice must be made between the 10.1.3 OWSM gateway and using the Service
Bus in that role. The authors feel that the best solution for a gateway currently is
to use the Service Bus in that role, as it will often be used for mediating access to/
from external services. Therefore, this is a logical place to combine security policy
enforcement with access to/from external services. In addition, the Service Bus
supports the same policy model as the rest of the SOA Suite.
Service Bus model
The Service Bus model for securing and monitoring services is a gateway model in
that the Service Bus sits between the client and the service and can apply policies and
monitor performance of services. In the Service Bus model, the policy management
server and the policy enforcement point are both parts of the Service Bus. In 11
g
,
these policies can be set up using the Web Services Manager and thus provide
consistency between the Service Bus and SCA environments, allowing the Service
Bus to operate as a gateway.
