Web Services for Clients
Abstract
The success of the World Wide Web is based upon concepts which have
been made open and free through user agents instead of being
controlled by corporations. Today's web services are also
based on open standards for user agents. New service models
must continue to focus on open support for all services and user
agents, wherever they may be created in the future with respect to
the current clients and servers of the web.
Introduction
This document briefly describes certain existing practices,
emerging standards, and requirements from Netscape / AOL that are
not completely met by either existing practice or the standards
currently in development.
Successful Practices
- A variety of user agents implement standards which can interact
with a variety of servers complying with the same standards.
-
- Browsers implement standard markup languages, encouraging open
implementation of web content and service applications
- ECMAScript is almost universally accepted for describing logic
and processing in web browsers
- Transports (such as HTTP/S, etc.) are layered away from the
message structures (HTML etc.) and envelopes (MIME, etc.).
- Instant messaging and other peer services are becoming
popular
- Servers and user agents exchange data in XML messages using
HTTP request response mechanisms
- URIs, advertisements, search engines, and directories help
users locate services they are interested in
Less-Successful Practices
- Java, ActiveX, and other traditional programming languages have
failed to revolutionize the user agent and are not currently
strategic to most web services
- Cookies associate server-side state with user agent
sessions
- Data and presentation have generally not been separable in user
agents
-
- Data must be resynchronized as each page is visited, even
though the same form could apply to multiple data sets and the same
data set to multiple forms.
- The web server must artificially partition, serve, and
commingle the UI and data as distinct HTML pages.
- Sensitive user data such as credit card numbers is kept on the
server so it can be automatically filled in
- The client is limited to interacting with a single server that
provided the UI
- Support for alternative display devices is difficult at
best
- CORBA and DCOM produce proprietary services because they tie
client and server implementations and environments too tightly
- Single best practices for exchanging data messages have not
emerged
- Standard business objects, models, and directories of services
have not emerged
W3C Activities
- XForms separates presentation from content, starting to make
the following possible:
-
- Permits data and UI to be independently activated and
updated.
- Data may be independently requested and served
- Sensitive or large data stores may be maintained by the user
agent
- Independent requests may be serviced by different servers and
merged in the client
- The new data-centric services encouraged by XForms may permit
servers to more easily interact with other servers
- Alternative UIs can more easily be adapted to interact with the
same data services
- XMLP defines packaging of XML message fragments and remote
procedure calls
-
- This gets service writers thinking in terms of exchanging XML
messages and marshaling programming objects
- This may yield a useful compound processing model for messages
that need more than the existing post and response of XML messages
on HTTP defines
- Remote procedure calls lack specific portable and interoperable
bindings to languages ala CORBA and DCOM, which can preclude
portability of scripted content between different browsers
- Without message-based standards, remote procedure calls may
tend to hardwire implementations (and implementation environments
where no portable bindings have been created)
- The user agents cannot be expected to use these services
portably without at least a standard ECMAScript binding
- XPath, XMLQuery, XSLT, XMLSchema, etc. provide declarative data
querying, transformation and validation.
Netscape / AOL Suggests Standardization Efforts
- Portable XMLP bindings in ECMAScript
-
- Standardized remote service discovery APIs
- Service invocation APIs
- Marshaling and unmarshaling between objects and messages for
SOAP encoding and for arbitrarily customized encodings that may be
implemented in Javascript
- Attaching arbitrary data to the service request
- Validating inbound requests
- Associating inbound requests with service scripts
- Service descriptions
-
- RPC interface based message descriptions
- Message-based service descriptions
- Evolution of service contracts
- Methods for publishing and discovering services
- Peer to peer services
-
- Transports for carrying service messages via instant and email
messages
- Scope and security of downloaded service scripts invoked on
inbound messages
- Processing models for client services
- Persistence to safely maintain state on the client, where state
may be expressed in the form of XML documents, fragments, or
messages