Analyzing the Interoperability of WS-Security and WS-ReliableMessaging Implementations

Abstract

Since their invention as lightweight integration technology about a decade ago, Web Services have matured significantly. Today, major middleware solution vendors as well as industry communities like RosettaNet are propagating Web services even for exchanging business-critical data and implementing inter-organizational business processes. Core enablers for using Web services in this domain are stateful interactions using the Web Services Business Process Execution Language (WS-BPEL) as well as advanced communication features like security and reliability using the WS-Security and WS-ReliableMessaging standard specifications. However, advanced communication features come at the price of complexity which challenges interoperability across different Web services stack implementations. Interoperability, in turn, is a predominant requirement for an integration technology such as Web services, in particular if inter-organizational business processes are supposed to be implemented on top of that technology. This paper approaches the problem of testing the interoperability of the so-called WS-* standards, advanced Web services communication features that are typically defined as SOAP extensions and configured using WS-Policy. Being essential to business process integration, WS-Security and WS-ReliableMessaging are selected as representatives of this group and the two major Java-based Web services stack implementations Metro and Axis2 are tested for interoperability. We operationalize the notion of interoperability for testing WS-* standards, suppose an approach for deriving test cases from WS-* specifications as well as a method for performing the test cases, and we provide a comprehensive interoperability review of the two selected Web services stack implementations