WebEntrance : A Web Service Integrator Based On The Java Web Servers

1. Introduction

We are working on a web service integrator, named WebEntrance [1]. It provides an aggregated web service on top of existing web service systems (as components) with a centralized access control and content customization facility, though each service system may have its own access control facility and provide its own independent service in a remote or a local web site. It implements a flexible and dynamic component bundling mechanism, and can provide personalized service with user selected component sets. It provides a convenient way for new components to be plugged in and to play. The owner of the aggregated web service can decide to keep each component's original branding, add more information, filter out certain content, or customize the presentations. Also, it provides a single user registration and authentication interface for all of the service components that a user selected.

The trend of web service commercialization and personalization usually involves user access control. That means user registration is required in order to obtain a service, and users need to be authenticated each time to access the service, e.g. by providing the user ID and password. The growing number of services on the web and the different authentication facilities implemented by different service systems has inadvertently placed a inconvenience to the web users. For example, a user's ID in one system can not be used in another system due to duplication, and the password validation policy (e.g. the lasting time period, character restrictions, etc.) in one system may be different from another. Consequently, a user has to have multiple user IDs and passwords, and has to be authenticated multiple times to access different. These multiple user IDs and passwords are inconvenient to use and difficult to manage. The WebEntrance can solve this inconvenience problem by providing one common entrance for accessing all of the web services. That means a user needs to register and be authenticated only once at the entrance. Then, the WebEntrance takes care of user registration and authentication to the other corresponding web service components. The WebEntrance also provides users with the convenience of finding all of the interested web services in one place thus saving their exploration time.

The WebEntrance adopts object oriented architecture and design. It is based on the object oriented java web servers and is implemented purely in Java language, therefore, it is platform independent. Currently, it is implemented on Sun's Java Web Server, previous Jeeves [2] [3], and will be ported to other java web servers as well.

2. Architecture

The WebEntrance mainly consists of three sub-systems: a user registration sub- system, a service engine, and an administration sub-system. It is shown in Figure 2.1. The User Registration Sub-system coordinates user registration information with the corresponding service components. The Service Engine accepts requests from web browsers and passes them to the corresponding service components, obtains responses from the components and sends them back to the web browsers. Also, it conveys user authentication information to the corresponding components, and provides various service options. The Administration Sub-system is implemented with a GUI, which provides a convenient mechanism for managing users and web service components, as well as for service and web content customization. There is also a Data Manager which maintains a repository for user, service component, user access group, and component bundling information. It also manages a set of persistent objects to accommodate repository accesses from different threads and processes. This data manager and relevant persistent objects are implemented on the top of JDBC[4], therefore can facilitate the plugging in to different database products.

Figure 2.1. The architecture of WebEntrance

A user needs to register to get services from WebEntrance. The user registration information is propagated to his/her selected web service components or applications by the registration sub-system. Initial groups of service components can be selected during registration. After registration, a user is granted a user ID, a password and a certificate if there is a SSL (Secure Socket Layer) authentication involved in a selected web service component. Then, the user can login to the member service provided by the WebEntrance. After user login, the service engine will authenticate the user and provide a personalized home page to the user which includes all service components the user has selected. When the user clicks a component's hyper-link, the request is sent to the service engine. The service engine compares the user's access to the accessibility requirements possessed by the requested service component. If the user has the correct accessibility, the service engine will get the web content according to the requested URL, and send it back to the user. Also, users may select to post content to the system of a web service component. Optionally, the service engine can also support usage logs and reporting, and an interface to a billing/payment sub-system.

The WebEntrance administration sub-system is implemented in two versions, a server based java application version and a web browser viewable java applets version. The user interface is basically the same in these two versions.

3. Application Scenarios

The WebEntrance empowers a web aggregation service provider by not only providing single login entrance for users, but also being able to change web service components' original branding, customize the presentation, filter out certain content, and put in his own advertisements. Contents from different web service components are made accessible to the aggregation service provider via WebEntrance prior to sending them to the end users. This allows the aggregation service provider to add any appropriate customizations. Through WebEntrance, the aggregation service provider can also provide personalized services. The customers can select pre-bundled web service component groups during initial registration, and they can change their selections any time afterwards. With the use of the WebEntrance's GUI based administration sub-system, an aggregated service provider can add or remove a web service component easily to or from his service site. Also, he can dynamically bundle the service components into different groups, and manage user information and accessibilities to the different groups. Of course, the web service component's update and dynamic bundling will not interrupt customers services.

Two WebEntrance application scenarios are described as follows:

• A new era cool web publication service site: As an aggregated web publication service provider, you can offer all kinds of popular web applications and services that located in elsewhere from your service site, e.g. interactive newspapers and magazines, games, interactive novels,etc.. If you are currently a publisher with a web site, you surely want to try the WebEntrance that routes other interesting web publications to your site, which broadens your content, colors your site, and adds to your attractiveness.
  

• A service site in a company's intranet: In your company, you may want to construct an web service site that aggregates a variety of web services from outside as well as inside your company. Your employees don't need to pay their registration or service fees for the services provided by each individual web service owner, because you handle them in one place and provide employees with accessing convenience. Also, you can customize and filter the web contents.
  

References