Web Services Based Architecture in Computational Web Portals By Choonhan Youn B.S. The University of Ulsan, 1991 M.S. Syracuse University, 1998 DISSERTATION Submitted in partial fulfillment of the requirements for the degree of Doctoral of Philosophy in Computer Science in the Graduate School of Syracuse University December 2003 Approved_______________________________ Professor Geoffrey C. Fox Date___________________________________ Abstract Computational web portals provide user environments that simplify access and integrate various distributed computational services for scientists working on particular classes of problems. The computational web portal, Gateway, consists of a dynamically generated and browser-based user interface that adds the client applications and a distributed component-based middle tier, WebFlow. The WebFlow middle tier provides a coarse-grained approach to accessing both stand-alone and grid-enabled back end computing resources. Like most computational web portals, Gateway was originally implemented in a three-tiered structure. This has inherent limitations for building portals that can easily interoperate and share services. Specific application portals are typically built on common sets of core services, so reusability of these services is a key problem in Problem Solving Environment development. In this dissertation we address the reusability problem by presenting a comprehensive view of an interoperable portal architecture, beginning with a set of core services built using the Web services model and application metadata services that can be used to build science application front ends out of these core services, which in turn may be aggregated and managed through portlet containers. Managing multiple versions of services is an important consequence of this issue, and we close with a description of our work on negotiation for version control. These portal services may be implemented in a programming-language and platform independent way using a Web services approach. However, security in Web services for distributed computing systems is an open issue involving multiple security mechanisms and competing standards. In this dissertation we present an implementation of a flexible, message-based security system that can be bound to multiple mechanism and multiple message formats. We have developed QuakeSim portal for the earthquake science by presenting XML schemas and our design for related data services for describing faults, surface displacements, and specific simulation codes. These data services are implemented using a Web services approach and are incorporated in a portal architecture with other, general purpose services for application and file management. We then illustrate how these data models and services may be used to build distributed, interacting applications through data flow. © Copyright 2003 Choonhan Youn All rights Reserved Table of Contents 1 Introduction 1 1.1 Problem Statement and Contributions . 1 1.2 Organization of the Dissertation . 5 2 Survey of Technologies 8 2.1 Web Portal Stacks . 8 2.2 Grids . 10 2.3 Services . 14 2.4 Portlets . 16 2.5 Portals . 17 3 Gateway System 21 3.1 Classic Three-tiered Architecture . 22 3.1.1 Gateway User Interface . 23 3.1.2 Distributed Component-Based Middleware . 25 v 3.2 Gateway Portal Metadata . 27 3.3 Portal services . 28 3.3.1 Job submission . 28 3.3.2 File transfer manipulation . 29 3.3.3 Context (state) creation and management . 29 3.3.4 Batch script generation . 30 3.3.5 Job monitoring . 31 3.3.6 Shared Remote Visualization . 31 3.4 Security requirements . 35 3.4.1 Security in multi-layered architectures . 35 3.4.2 Kerberos security for web application . 38 3.5 Conclusion . 39 4 Web services based Architecture and Core services 41 4.1 Overview of problem . 41 4.2 CORBA and Web Services . 44 4.2.1 The CORBA versus Web Services approach . 44 4.2.2 The performance test . 45 4.2.3 Shortcomings of Web Services . 49 4.3 Web Service-Based Computing Portal Architecture . 50 4.4 Core Web services for Computing Portals . 55 4.4.1 Job submission . 56 4.4.2 File Manipulation . 56 vi 4.4.3 Context Management . 57 4.4.4 Script Generation . 60 4.4.5 Job Monitoring . 61 4.5 Summary . 62 5 Application Web Services (AWS) 63 5.1 Introduction . 63 5.2 AWS proxy component architecture . 65 5.3 AWS Lifecycles . 66 5.4 AWS XML Descriptors . 67 5.5 The AWS deployment and use . 71 6 Web service Security and Negotiation 76 6.1 Introduction . 76 6.2 Secure Web services . 78 6.2.1 Web services security languages . 79 6.2.2 Secure SOAP message format . 81 6.2.3 Message-level security infrastructure . 82 6.2.4 Multiple accesses in a distributed system . 86 6.3 Web service negotiation . 88 6.3.1 Overview . 88 6.3.2 Motivating examples . 90 6.3.3 Offer/Answer model . 92 vii 6.3.4 Implementation . 93 6.4 Summary . 96 7 Application: Distributed Earthquake Modeling Web Portal 97 7.1 Code and project descriptions . 98 7.2 QuakeSim Portal Architecture . 101 7.3 XML Descriptors for Code Input/Outputs . 103 7.4 Implementation of services for the Data Model . 105 7.5 Data Service Architecture . 108 7.6 QuakeSim Portal Toolkits . 112 7.6.1 The user interface for the code submission . 113 7.6.2 The user interface for the File Management and Job Monitoring . 117 7.7 Summary . 118 8 Conclusion and Future Work 120 8.1 Conclusion . 120 8.2 Future Work . 124 8.2.1 The Use of service architecture with proxy-style portal frontended by aggregation portal . 124 8.2.2 Particular services needed . 126 8.2.3 Issues connected to security with different needs in different cases . 127 A WSDL (Web Services Description Language) 129 viii B XML schema 184 Bibliography 199 ix List of Figures 2.1 Web Portal Stacks . 9 3.1 Gateway Portal Architecture . 23 3.2 A container hierarchy of WebFlow Servers . 26 3.3 The architecture of the shared visualization showing the publisher and two collaborating viewers A and B . 33 3.4 The Charon module is used to tunnel HTTP requests over a secure CORBA wire protocol . 39 4.1 Each portal has its own code base for the middleware that can’t be easily integrated with other groups’ middleware . 43 4.2 The measured transfer time for the message.