TP monitor

Published on March 2017 | Categories: Documents | Downloads: 46 | Comments: 0 | Views: 2949
of 50
Download PDF   Embed   Report

Comments

Content

Web server
From Wikipedia, the free encyclopedia

The inside and front of a Dell PowerEdgeWeb server

Web server can refer to either the hardware (the computer or the software (the computer application that helps to deliver Web contentthat can be accessed through the !nternet"#$% The most common use of web servers is to host websites, but there are other uses such as gaming, data storage or running enterprise applications"
Contents
[hide]

1 Overview 2 History 3 Common features 4 Path translation 5 Kernel-mode and user-mode we servers ! "oad limits

o o o

!#1 Causes of overload !#2 $ym%toms of overload !#3 &nti-overload te'hni(ues ) *ar+et share , $ee also - .eferen'es 1/ 01ternal lin+s

[edit]Overview

The primary function of a web server is to deliver web pages on the re&uest to clients using the 'yperte(t Transfer Protocol ('TTP " This means delivery of 'T)* documents and any additional content that may be included by a document, such as images, style sheets and scripts" + user agent, commonly a web browser or web crawler, initiates communication by making a re&uest for a specific resource using 'TTP and the server responds with the content of that resource or an error message if unable to do so" The resource is typically a real file on the server,s secondary memory, but this is not necessarily the case and depends on how the web server is implemented" While the primary function is to serve content, a full implementation of 'TTP also includes ways of receiving content from clients" This feature is used for submitting web forms, including uploading of files" )any generic web servers also support server-side scripting using +ctive .erver Pages (+.P , P'P, or other scripting languages" This means that the behaviour of the web server can be scripted in separate files, while the actual server software remains unchanged" /sually, this function is used to create 'T)* documents dynamically (0on-the-fly0 as opposed to returning static documents" The former is primarily used for retrieving and1or modifying information from databases" The latter is typically much faster and more easilycached" Web servers are not always used for serving the World Wide Web" They can also be found embedded in devices such as printers, routers, webcams and serving only a local network" The web server may then be used as a part of a system for monitoring and1or administering the device in &uestion" This usually means that no additional software has to be installed on the client computer, since only a web browser is re&uired (which now is included with most operating systems "

[edit]History

The world,s first web server

!n $232 Tim 4erners-*ee proposed a new pro5ect with the goal of easing the e(change of information between scientists by using ahyperte(t system to his employer 6E78" The pro5ect resulted in 4erners-*ee writing two programs in $229:

 

+ browser called WorldWideWeb The world,s first web server, later known as 6E78 httpd, which ran on 8e;T.TEP

4etween $22$ and $22<, the simplicity and effectiveness of early technologies used to surf and e(change data through the World Wide Web helped to port them to many different operating systems and spread their use among scientific organi=ations and universities, and then to industry" !n $22< Tim 4erners-*ee decided to constitute the World Wide Web 6onsortium (W>6 to regulate the further development of the many technologies involved ('TTP, 'T)*, etc" through a standardi=ation process"

[edit]Common   

features

Virtual hosting to serve many Web sites using one !P address Large file support to be able to serve files whose si=e is greater than ? @4 on >? bit A. Bandwidth throttling to limit the speed of responses in order to not saturate the network and to be able to serve more clients



Server side s!ripting to generate dynamic Web pages, still keeping web server and website implementations separate from each other

[edit]"ath

translation

Web servers are able to map the path component of a /niform 7esource *ocator (#$L into:

 

+ local file system resource (for static re&uests +n internal or e(ternal program name (for dynamic re&uests

For a static request the /7* path specified by the client is relative to the web server,s root directory" 6onsider the following /7* as it would be re&uested by a client:

http://www.example.com/path/file.html
The client,s user agent will translate it into a connection to www.example.com with the following 'TTP $"$ re&uest:

GET /path/file.html HTTP/1.1 Host: www.example.com
The web server on www.example.com will append the given path to the path of its root directory" An an +pache server, this is commonly /home/www (An /ni( machines, usually/var/www " The result is the local file system resource:

/home/www/path/file.html
The web server then reads the file, if it e(ists and sends a response to the client,s Web browser" The response will describe the content of the file and contain the file itself or an error message will return saying that the file does not e(ist or is unavailable"

[edit]%ernel

mode and user mode web servers

+ web server can be either implemented into the A. kernel, or in user space (like other regular applications " +n in-kernel web server (like T/; on @8/1*inu( or )icrosoft !!. on Windows will usually work faster, because, as part of the system, it can directly use all the hardware resources it needs, such as non-paged memory, 6P/ time-slices, network adapters, or buffers" Web servers that run in user-mode have to ask the system the permission to use more memory or more 6P/ resources" 8ot only do these re&uests to the kernel take time, but they are not always satisfied because the system reserves resources for its own usage and has the responsibility to share hardware resources with all the other running applications" +lso, applications cannot access the system,s internal buffers, which causes useless buffer copies that create another handicap for user-mode web servers" +s a conse&uence, the only way for a user-mode web server to match kernel-mode performance is to raise the &uality of its code to much higher standards, similar to that of the code used in web servers that run in the kernel" This is a significant issue under Windows, where the user-mode overhead is about si( times greater than that under *inu(" #?%

[edit]Load

limits

+ web server (program has defined load limits, because it can handle only a limited number of concurrent client connections (usually between ? and 39,999, by default between B99 and $,999 per !P address (and T6P port and it can serve only a certain ma(imum number of re&uests per second depending on:

    

its own settings, the 'TTP re&uest type, whether the content is static or dynamic, whether the content is cached, and the hardware and software limitations of the A. of the computer on which the web server runs"

When a web server is near to or over its limits, it becomes unresponsive"

[edit]Causes

of overload

+t any time web servers can be overloaded because of:



&oo mu!h legitimate web traffi!' Thousands or even millions of clients connecting to the web site in a short interval, e"g", .lashdot effectC



(istributed (enial of Servi!e attacks" + denial-of-service attack (Do. attack or distributed denial-of-service attack (DDo. attack is an attempt to make a computer or network resource unavailable to its intended usersC



Computer worms that sometimes cause abnormal traffic because of millions of infected computers (not coordinated among them C

 

)SS viruses can cause high traffic because of millions of infected browsers and1or web serversC *nternet bots' Traffic not filtered1limited on large web sites with very few resources (bandwidth, etc" C



*nternet +networ,- slowdowns, so that client re&uests are served more slowly and the number of connections increases so much that server limits are reachedC



Web servers +!omputers- partial unavailability' This can happen because of re&uired or urgent maintenance or upgrade, hardware or software failures, back-end (e"g",database failures, etc"C in these cases the remaining web servers get too much traffic and become overloaded"

[edit]Symptoms

of overload

The symptoms of an overloaded web server are:

 

7e&uests are served with (possibly long delays (from $ second to a few hundred seconds " The web server returns an 'TTP error code, such as B99, B9?, B9>, B9<, or <93, or even <9<, which is inappropriate for an overload condition"

 

The web server refuses or resets (interrupts T6P connections before it returns any content" !n very rare cases, the web server returns only a part of the re&uested content" This behavior can be considered a bug, even if it usually arises as a symptom of overload"

[edit].nti

overload te!hni/ues

To partially overcome above load limits and to prevent overload, most popular Web sites use common techni&ues like:

        

managing networ, traffi!, by using: 0irewalls to block unwanted traffic coming from bad !P sources or having bad patternsC H&&" traffi! managers to drop, redirect or rewrite re&uests having bad 'TTP patternsC Bandwidth management and traffi! shaping, in order to smooth down peaks in network usageC deploying Web !a!he techni&uesC using different domain names to serve different (static and dynamic content by separate web servers, i"e": http:11images"e(ample"com http:11www"e(ample"com using different domain names and1or computers to separate big files from small and medium si=ed filesC the idea is to be able to fully cache small and medium si=ed files and to efficiently serve big or huge (over $9 - $999 )4 files by using different settingsC

 

using many web servers (programs per computer, each one bound to its own network card and !P addressC using many web servers (computers that are grouped together so that they act or are seen as one big web server (see also Load balan!er C

   

adding more hardware resources (i"e" 7+), disks to each computerC tuning A. parameters for hardware capabilities and usageC using more efficient computer programs for web servers, etc"C using other workarounds, especially if dynamic content is involved"

[edit]1ar,et

share

What Is A Web Server?
A web server is a piece of software that enables a website to be viewed using HTTP. HTTP (HyperText Transfer Protocol) is the key protocol for the transfer of data on the web. You know when you re using HTTP because the website !"# begins with $http%&&$ (for exa'ple( $http%&&www.)uackit.co'$). You 'ight be thinking $* always thought a web server was a special( high+powered co'puter$. ,ell( you d be right too. -o'e high+powered co'puters are referred to as web servers as they have been built with web hosting in 'ind. .ut in 'ost cases( when so'eone refers to a web server( they are referring to a piece of software that you install on a co'puter.

What Does a Web Server Look Like?
That depends on which web server you choose to install. Here s an exa'ple of /icrosoft *nternet *nfor'ation -ervices (**-) 0.1 looks like%

The left pane represents the various websites( 2TP sites( and -/TP virtual servers. ,hen an ite' in the left pane is selected( the contents are displayed in pane on the right hand side. *n the above screenshot( there is one website (called $3efault ,eb -ite$)( one 2TP site (called $3efault 2TP -ite$)( and one -/TP virtual server (called $3efault -/TP 4irtual -erver$).

You can right click on an ite' to display it s properties. 2or exa'ple( you can right click on $3efault ,eb -ite$ to display (and configure) the properties of that website.

Do I Need A Web Server?
*f you 'aintain your own web site * reco''end you install a web server on your own develop'ent 'achine. That way you can configure your develop'ent environ'ent to be closer to your live environ'ent. Also( if you intend to use server+side technologies such as PHP or 5old2usion( you will definitely need a web server.

Web Servers are Easy!
You 'ight also be thinking that web servers are way too advanced for you + that they are only used by professional web developers and&or hosting co'panies. Please don t think that6 Think of a web server as si'ply another piece of software you can install on your 'achine. 7nce you install it( you can configure it to suit your needs. And( depending on your co'puter set up( you 'ay even find that you already have a web server on your 'achine. 8ow( having declared that $web servers are easy6$( there are 'any advanced topics regarding web servers. * won t be going into any detail in this tutorial. You can get a web server up and running on your 'achine with a 'ini'u' of technical knowledge. Then once you ve done that( you ll start to beco'e fa'iliar with the various options available to you. Then if re)uired( you can research the 'ore advanced topics to suit your needs (such as security( load issues( logging etc)

Web Servers - Advantages
There are 'any advantages to using a web server within your develop'ent environ'ent. 7f course( in a production hosting environ'ent( a web server is essential. And( depending on your website( a web server could indeed be essential in your develop'ent environ'ent. ,hen * say $develop'ent environ'ent$( * ' referring to a copy of your website( usually on your local 'achine( that you use to perfor' updates before you co''it the' to the live (production) environ'ent. *n practice( you could have 'any copies of your website for different purposes (such as testing( training( protypes etc)( but let s 9ust call it $develop'ent environ'ent$ for now. Here are so'e advantages of using a web server within your develop'ent environ'ent%

• • •

Your local website behaves 'ore like the live one. 2or exa'ple( you can configure directory security( test your custo' error pages etc before co''iting the' to the production environ'ent. You can use server+side scripting languages such as PHP and 5old2usion. Allows you to standardi:e your coding. 2or exa'ple( you can use root+relative paths for your i'age references and hyperlinks (i.e. $&directory&i'age.gif$). *n other words( your paths can represent the website structure( rather than the directory structure of your co'puter. ;nowledge. The knowledge you gain fro' using your own web server will help you understand how it works in the live environ'ent. This will 'ost certainly help you when you need to co''unicate with your hosting provider + you ll be able to use ter'inology that 'akes it easier for the' to understand your re)uest&issue.



Viewing HT L !i"es Witho#t a Web Server

,hen so'eone learns how to code HT/#( chances are( one of the first things they learn to do is how to view their (newly created) HT/# file. They will learn that you can si'ply double click on the HT/# file( and this will launch it in their web browser. And fro' that point on( they can view their web page&website as it was intended to be viewed. Here are so'e exa'ples of what the !"# could look like when viewing a web page without a web server%

• •

file%&&&5%&3ocu'ents<=>and<=>-ettings&Ho'er<=>-i'pson&/y<=>3ocu'ents&index.ht'l file%&&&5%&*netpub&wwwroot&index.ht'l

These exa'ples are using the file protocol in order to display the files.

Viewing HT L !i"es With a Web Server
7ne proble' with the above 'ethod is that( you re not viewing the website using the HTTP protocol (you re using the file protocol instead). 8ow( this isn t nor'ally a proble' if you re only using client side languages such as HT/#( 5--( and client+side ?ava-cript. .ut it is a proble' if you re trying to use a server+side language such as PHP( 5old2usion etc. Also( even if you re not using a server+side language( it could still cause you proble's with developing a website that behaves exactly how it should on the web. ,hen you view a web page via a web server( the !"# begins with $ http://$. Also( the !"# will consist of either an *P address or a do'ain na'e&host na'e. Here are so'e exa'ples of what the !"# could look like when viewing a web page via a web server%

• • • •

http%&&1=@.>.>.1 http%&&localhost http%&&www.)uackit.co' http%&&dev.)uackit.co'

,hen you first set up a web server( you can usually navigate to your default web site using http://localhost or http://127.0.0.1. ,hen you add 'ore websites( you ll need to create your own !"#s for the' (via a 38- server or Hosts file)( then assign that !"# to your websites via your web server.

Web Servers - !eat#res
There s a co''on set of features that you ll find on 'ost web servers. .ecause web servers are built specifically to host websites( their features are typically focussed around setting up and 'aintaining a website s hosting environ'ent. /ost web servers have features that allow you to do the following%

• • • • •

5reate one or 'ore websites. (8o * don t 'ean build a set of web pages. ,hat * 'ean is( set up the website in the web server( so that the website can be viewed via HTTP) 5onfigure log file settings( including where the log files are saved( what data to include on the log files etc. (#og files can be used to analyse traffic etc) 5onfigure website&directory security. 2or exa'ple( which user accounts are&aren t allowed to view the website( which *P addresses are&aren t allowed to view the website etc. 5reate an 2TP site. An 2TP site allows users to transfer files to and fro' the site. 5reate virtual directories( and 'ap the' to physical directories



5onfigure&no'inate custo' error pages. This allows you to build and display user friendly error 'essages on your website. 2or exa'ple( you can specify which page is displayed when a user tries to access a page that doesn t exist (i.e. a $A>A error$). -pecify default docu'ents. 3efault docu'ents are those that are displayed when no file na'e is specified. 2or exa'ple( if you open $http%&&localhost$( which file should be displayedB This is typically $index.ht'l$ or si'ilar but it doesn t need to be. You could no'inate $index.cf'$ if your website is using 5old2usion. You could also no'inate a =nd choice (in case there is no index.cf' file)( and a Crd choice( and so on.



E$a%&"e Web Server
Here s an exa'ple of the $Properties$ dialog box fro' /icrosoft **-. This box is displaying the properties for a single website. To display the box( * si'ply right+clicked on the website and selected $Properties$. You can see that the website has been configured to use the local path of c:\inetpub\wwwroot. ,hat this 'eans is that when you update your website( you need to place your files and folders within that directory. As soon as you do that( your changes will take effect on your website. 7f course( if this is your develop'ent environ'ent( you can si'ply edit the files straight fro' that directory.

How Web Servers Work

henever you view a web page on the internet( you are re)uesting that page fro' a web server. ,hen you type a !"# into your browser (for exa'ple( $http%&&www.)uackit.co'&ht'l&tutorial&index.cf'$)( your browser re)uests the page fro' the web server and the web server sends the page back%

The above diagra' is a si'plistic version of what occurs. Here s a 'ore detailed version% 1. Your web browser first needs to know which *P address the website $www.)uackit.co'$ resolves to. *f it doesn t already have this infor'ation stored in it s cache( it re)uests the infor'ation fro' one or 'ore 38- servers (via the internet). The 38- server tells the browser which *P address the website is located at. 8ote that the *P address was =. C. A. assigned when the website was first created on the web server. 8ow that the web browser knows which *P address the website is located at( it can re)uest the full !"# fro' the web server. The web server responds by sending back the re)uested page. *f the page doesn t exist (or another error occurs)( it will send back the appropriate error 'essage. Your web browser receives the page and renders it as re)uired.

,hen referring to web browsers and web servers in this 'anner( we usually refer to the' as a client (web browser) and a server (web server).

#"ti&"e Websites
A web server can (and usually does) contain 'ore than one website. *n fact( 'any hosting co'panies host hundreds( or even thousands of websites on a single web server. Dach website is usually assigned a uni)ue *P address which distinguishes it fro' other websites on the sa'e 'achine. This *P address is also what the 38- server uses to resolve the do'ain na'e. *t is also possible to configure 'ultiple websites without using different *P addresses using host headers and&or different ports. This can be useful in a develop'ent environ'ent and is )uite easy to do.

'age Not !o#nd
*f the re)uested page isn t found( the web server sends the appropriate error code&'essage back to the client. You can create user friendly error 'essages( then configure your web server to display that page instead of the usual error page. This can add a nice touch to your website. How 'any ti'es have you (or even worse( your visitors) encountered a plain white page with so'e cryptic error 'essage on itB

*t s very easy to create custo' error pages( then configure your web server to use the'.

De(a#"t Do)#%ents
*f you ve ever created a website( you 'ay have found that if you have an $index$ file (index.ht'l for exa'ple)( you don t need to specify the na'e of the file. 2or exa'ple( the following !"#s both load the sa'e page% 1. =. http%&&www.)uackit.co'&ht'l&tutorial http%&&www.)uackit.co'&ht'l&tutorial&index.cf'

*n this exa'ple( $index.cf'$ is the default document. You can configure your web server so that any file na'e can be the default docu'ent. 2or exa'ple( you could configure your web server to use $index.cf'$ in the event no filena'e has been specified( or if you use PHP( $index.php$. You could even specify different default docu'ents for different directories if you like.

SSL *erti(i)ates
You can apply --# certificates against a website via the web server. 2irst you need to generate the certificate either by yourself (i.e. using a certificate generator)( or by a 5ertificate Authority (5A). Then( once it has been generated( you apply it to your website via your web server. Applying an --# certificate to a website is a straight forward task. 7nce you ve applied an --# certificate against a website( you can navigate it using HTTP- (as opposed to HTTP). HTTPencrypts any data that is transferred over the internet. This reduces the possibility of so'e 'alicious person being able to read your users sensitive infor'ation. To navigate a website using HTTP-( you si'ply replace the HTTP with HTTP- at the start of the !"# in your browsers location bar ($https%&&www.)uackit.co'$)

Web Servers - E$a%&"es
A&a)he HTT' Server
Apache HTTP -erver (also referred to as si'ply $Apache$) has( at the ti'e of writing( been the 'ost popular web server on the web since 1EEF. Apache is developed and 'aintained by the Apache -oftware 2oundation( which consists of a decentrali:ed tea' of developers. The software is produced under the Apache licence( which 'akes it free and open source. Apache is available for a range of operating syste's( including !nix( #inux( 8ovell 8etware( ,indows( /ac 7- G( -olaris( and 2ree.-3. Apache HTTP -erver website% http%&&httpd.apache.org

i)roso(t Internet In(or%ation Servi)es +IIS,
**- is( at the ti'e of writing( the second 'ost popular web server on the web. *t is however( gaining 'arket share( and if the current trend continues( it won t be long before it overtakes Apache. **- co'es as an optional co'ponent of 'ost ,indows operating syste's. You can install **- by using Add/Remove Windows omponents fro' Add or Remove !ro"rams in the 5ontrol Panel. /icrosoft **- website% http%&&www.'icrosoft.co'&iis

S#n -ava Syste% Web Server

.ased on the -un 7ne ,eb -erver( the -un ?ava -yste' ,eb -erver is designed for 'ediu' to large business applications. -un ?ava -yste' ,eb -erver is available for 'ost operating syste's. -un ?ava -yste' ,eb -erver website% http%&&www.sun.co'&software&products&webHsrvr&ho'eHwebHsrvr.x'l

Web Server *o%&onents and De&enden)ies
Windows *E ./0 > out of 1 rated this helpful + "ate this topic Note The following section applies only to the ,eb server release in ,indows 5D Platfor' .uilder( where the individual libraries that 'ake up the ,eb server can be linked together in custo'i:able ways. The ,eb server contains seven co'ponents. The following table lists descriptions of these co'ponents( as well as dependencies between the co'ponents. -i:e approxi'ations are based on a retail build of ,indows 5D co'piled for the *ntel xIF+based co'puter. ,ith the exception of Httpasp( all of the co'ponents should be available in /axall and /inco'' configurations.

5o'ponent 3escription na'e
Htt%d Htt%'ore Htt%%arse Htt%auth Htt%isa%i .e(uired in all 'onfi2urations# .e(uired in all 'onfi2urations# .e(uired in all 'onfi2urations# .e(uired for authenti'ation#

Approxi'ate si:e
2/ K3 4444 4444 2 K3

Common 'om%onent for s'ri%tin2 o%tions# 5his 'om%onent is the ase for 3 K3 6$&P6 e1tensions7 6$&P6 filters7 and &$P %a2es7 and %erforms no stand-alone o%erations# .e(uired for 6$&P6 e1tensions# 5his 'om%onent de%ends on Htt%isa%i# .e(uired for 6$&P6 filters# 5his 'om%onent de%ends on Htt%isa%i and Htt%e1tn# 4 K3 1/ K3

Htt%e1tn Htt%filt

Htt%as%

.e(uired for su%%ort of &$P# 5his 'om%onent de%ends on Htt%isa%i and 1 K3 Htt%e1tn# 5he si8e a%%ro1imation re%resents only the overhead that is added to the 9e server when the se%arate 'om%onents of &$P are installed#

Note The netregd co'ponent 'ust be included to allow the ,eb server to be accessed by its 3o'ain 8a'e -yste' (38-) na'e. ,ithout this co'ponent( you 'ust use the *P address of the ,eb server to access it. -ee the /icrosoft ,indows 5D Platfor' .uilder docu'entation for 'ore infor'ation about the netregd co'ponent. *f a file that is re)uested by the client browser has a .dll extension and is in a virtual directory with HSE1!LA2S134L1E5E*3TE per'issions( and if the Httpextn co'ponent is not part of the ,eb server( the $0>1 J 8ot *'ple'ented$ status code is returned to the client browser.

*f a file that is re)uested has an .asp extension and the Httpasp co'ponent is not part of the ,eb server( or if the 'ain A-P+page library has not been set up properly( the $0>1 J 8ot *'ple'ented$ status code is returned to the client browser.

#niform $esour!e Lo!ators +#$Ls/7*s, or /niform 7esource *ocators, are the method by which documents or data are addressed in the World Wide Web" The /7* contains the following information:
• • • •

the internet name of the site containing the resource (document or data the type of service the resource is served by (eg, 'TTP, @opher, W+!. the !nternet port number of the service" !f this is omitted the browser assumes a commonly accepted default value" the location of the resource in the directory structure of the server" /7*s are more sophisticated than this brief introduction would imply" For more detail, have a look at the /7* overview document, found at the /7*:http:11www"w>"org1hyperte(t1WWW1+ddressing1/7*1Averview"html"

2'3 Stru!ture of an #$L
The following is an outline of the most common form of a /7*: http://www.address.edu:1234/path/su dir/file.ext ! ! ! ! ! !service ! ! ! ! !"""" host """"""! ! ! ! ! ! !port! ! ! file a#d ! !" resource details "! 2'3'4 Servi!e The above figure gives a general outline of /7* structure" This outline if followed by most, but not all, /7*s" .pecific cases are discussed in subse&uent sections" The first part is the service specifier, (here 'TTP service which specifies the access method" .pecifically this is the part before the colon" .ome e(amples of services are:http:, $opher:, wais: and ftp:" 2'3'5 .ddress and "ort number The second part is usually the internet address of the server, indicated by the double forward slash (11 " This address can also contain the (optional port number

the service listens at" The full name is then specified by a string like //www.address.edu:1234/, where :1234 means Port number $?><" !f you want to use the default port number you can leave out both the colon and the number, i"e" //www.address.edu/" 2'3'6 $esour!e Lo!ation The forward slash after the host and port specifications indicates the end of the address and the beginning of the specification for the file1resource to be accessed" This field varies depending on the service being accessed" + few simple e(amples follow: more detailed ones are given in the documents listed below" 2'3'7 Spe!ial Cases !n some cases the internet address and resource location are omitted" The common e(amples of this are #ews: (for accessing /senet news group information and mailto:(for sending e-mail " 2'3'8 9uery Strings The /7* scheme also allows you to include a query string that is to be passed to the designated /7*" This is indicated by placing a &uestion mark at the end of the /7*, followed by the desired &uery string" For e(ample:
http://www.where.edu/c$i% i#/pro$ram&'uer("stri#$"data

The &uery string must be specially encoded, using what is known as URL encoding" This is discussed in the 6@! documentation found at 86.+ and elsewhere in this document collection"

2'3': Some Simple #$L ;<amples
http://i#fo.cer#.ch/h(pertext/)))/*ddressi#$/+,-/.verview.html

7etrieve the named 'T)* document from the 6E78 http server running on the default port"
$opher://$um (. rai#.headache.edu:1/1/0fo#e oo1.txt

+ccess the searchable inde( ,fonebook"t(t, from the named gopher server, running on port number $B$"
#ews:alt.rec.motorc(cle

+ccess the newsgroup alt"rec"motorcycle" For detailed information on the different /7* formats see:

.ecure 'yperte(t Transfer Protocol

From Wikipedia, the free encyclopedia

Se!ure Hyperte<t &ransfer "roto!ol (S H&&" is a little-used alternative to the 'TTP. /7! scheme for encrypting web communications carried over 'TTP" .-'TTP is defined in 7F6 ?DD9" !t was developed by Eric 7escorla and +llan )" .chiffman"#$% Web browsers typically use 'TTP to communicate with web servers, sending and receiving information without encrypting it" For sensitive transactions, such as !nternet e-commerce or online access to financial accounts, the browser and server must encrypt this information" 'TTP. and .-'TTP were both defined in the mid-$229s to address this need" 8etscape and )icrosoft supported 'TTP. rather than .-'TTP, leading to 'TTP. becoming the de facto standard mechanism for securing web communications"
Contents
[hide]

1 :ifferen'es from H55P$ 2 $ee also 3 .eferen'es 4 01ternal lin+s

[edit](ifferen!es

from H&&"S

.-'TTP encrypts only the served page data and submitted data like PA.T fields, leaving the initiation of the protocol unchanged" 4ecause of this, .-'TTP could be used concurrently with 'TTP (unsecured on the same port, as the unencrypted header would determine whether the rest of the transmission is encrypted" !n contrast, 'TTP. wraps the entire communication within ..*, so the encryption starts before any protocol data is sent" This creates a 0chicken and egg0 issue with determining which D8. name was intended for the re&uest, which means that implementations without the hostEnameEindication e(tension re&uire a separate !P per D8. name, and all implementations re&uire a separate port (usually <<> vs" 'TTP,s standard 39 separate /7! protocol, https:// " !n .-'TTP, the desired /7* is not transmitted in the clearte(t headers, but left blankC another set of headers is present inside the encrypted payload" !n 'TTP., all headers are inside the encrypted payload, and the 'TTP. server application does not generally have the opportunity to gracefully recover from T*. fatal errors (including ,client certificate is untrusted, and ,client certificate is e(pired, "#>%
#?%

for unambiguous use of encryption (treated in most browsers as a

An Overview of SHTTP

Adam Shostack, May 1995
A. ntrod!ction to, and history of, S"HTTP $-H55P was desi2ned y 0# .es'orla and &# $'hiffman of 065 to se'ure H55P 'onne'tions# $H55P %rovides a wide variety of me'hanisms to %rovide for 'onfidentiality7 authenti'ation7 and inte2rity# $e%aration of %oli'y from me'hanism was an e1%li'it 2oal# 5he system is not tied to any %arti'ular 'ry%to2ra%hi' system7 +ey infrastru'ture7 or 'ry%to2ra%hi' format# 5he internet draft is fairly 'lear in its %resentation of the %roto'ol7 althou2h im%lementation details are s+et'hy# $-H55P is a su%erset of H55P7 whi'h allows messa2es to e en'a%sulated in various ways# 0n'a%sulations 'an in'lude en'ry%tion7 si2nin27 or *&C ased authenti'ation# 5his en'a%sulation 'an e re'ursive7 and a messa2e 'an have several se'urity transformations a%%lied to it# $-H55P also in'ludes header definitions to %rovide +ey transfer7 'ertifi'ate transfer7 and similar administrative fun'tions# $-H55P a%%ears to e e1tremely fle1i le in what it will allow the %ro2rammer to do# $H55P also offers the %otential for su stantial user involvement in7 and oversi2ht of7 the authenti'ation ; en'ry%tion a'tivities# $-H55P does not rely on a %arti'ular +ey 'ertifi'ation s'heme# 6t in'ludes su%%ort for .$&7 in- and7 out-of- and and +er eros +ey e1'han2e# Key 'ertifi'ations 'an e %rovided in a messa2e7 or o tained elsewhere# "i+e $$"7 'lient %u li' +eys are not re(uired# 6<ll e dis'ussin2 the messa2e format7 the ne2otiation of o%tions7 and the formattin2 of messa2es7 as well as retry ehavior7 intera'tion with older servers7 and im%lementation details# &ll of this is well 'overed in draft-res'orla-shtt%-=7 availa le wherever fine 6nternet drafts are stored# #. The $rotoco% & $e'ure H55P messa2e is a re(uest or status line7 followed y other headers >whi'h must e .?C,22 'om%liant@7 and some 'ontent# 5he 'ontent 'an e raw data7 a $e'ure H55P messa2e7 or an H55P messa2e# 5he re(uest line is defined as
2ecure 3 2ecure%HTTP/1.1 to which the respo#se must 2ecure%HTTP/1.1 244 .5 e:

5hese lines are defined to %re'lude an atta'+er from seein2 the su''ess or failure of a 2iven re(uest# $e'ure H55P ta+es a 2enerally %aranoid attitude to all information7 lea+in2 as little as %ossi le#
1. Headers 5here are few headers that should 2o in the $e'ure H55P header# 5here are other headers whi'h 2o into an H55P header7 whi'h is en'a%sulated within the $-H55P messa2e# 5hose headers are defined in $-H55P7 ut are used as headers in the H55P do'ument7 i#e#7 they 'annot e used without ein2 %rote'ted y an $-H55P en'a%sulation#

Content-Priva'y-:omain is for 'om%ati ility with P0* ased se'ure H55P# O%tions are .$&<s PKC$-) >Pu li' Key Cry%to2ra%hy $tandard )7 ACry%to2ra%hi' *essa2e $ynta1 $tandardA@7 .?C1421 style P0*7 and PBP 2#! format#

Content-5ransfer-0n'odin2 e1%lains how the 'ontent of the messa2e is en'oded# )7 , it are self e1%lanatory7 ase-!4 is as defined in .?C-1421# Content-5y%e is a standard header7 and should 2enerally e a%%li'ationChtt%# Prearran2ed-Key-6nfo is information a out the +eys used in the en'a%sulation of this messa2e# ?ields are for the ty%e of 'i%her7 a :0K >data e1'han2e +ey@ used to en'ry%t this messa2e7 and the identity of the +ey used to en'ry%t the :0K# *&C-6nfo is a messa2e authenti'ation 'ode to ensure that a messa2e has not een tam%ered with7 without the e1%ense of si2natures# 5hese are the only $e'ure H55P headers defined in the s%e'# However7 there are also a num er of new H55P headers defined# 5hose are $e'urity $'heme7 en'ry%tion identity7 :D-14,5 Dame 'lass7 Ker eros Dame 'lass7 Certifi'ate 6nfo7 Key &ssi2n7 and Don'es# $e'urity $'heme is a holds the %roto'ol name and version# 0n'ry%tion 6dentity names the entity for whi'h a messa2e is en'ry%ted7 say in the 'ase of a server with multi%le %u li' +eys# 5he name 'lass o%tions >:D-14,5 and Ker eros@ allow entities to say how they identify themselves7 and who they are# Certifi'ate 6nfo lines allow a sender to send a %u li' +ey 'ertifi'ate in a messa2e with other %ur%oses7 savin2 the trou le of a se%arate e1%li'it 'ertifi'ate retrieval# Key assi2n is the messa2e used for a'tual +ey e1'han2es7 and assi2nment of sym oli' names to e1'han2ed +eys# Key e1'han2e has many o%tions7 allowin2 +eys to e en'a%sulated in various ways7 2iven sym oli' names7 and have lifetimes assi2ned to them# "ifetimes 'an e <this< meanin2 the +ey is 2ood for this messa2e7 or <re%ly< meanin2 the +ey 'an e used for a re%ly >%ossi ly several re%lies@ to this messa2e# Don'e>s@ are session identifiers7 used to indi'ate the freshness of a session7 and %re'lude re%lay atta'+s# & messa2e may in'lude a num er of non'es7 from 8ero to several# 5he server will often 2enerate them7 and e1%e't a 'lient to res%ond with the same non'e# Don'es are often time ased7 ut $e'ure H55P su22ests that a random value may e used# >Cry%to2ra%hi'ally stron2 random num ers are diffi'ult to 2enerate7 however7 it seems that the non'e need not e very stron2#@
2. Negotiation 5o offer fle1i ility in the 'ry%to2ra%hi' enhan'ements used7 'lient and server ne2otiate a out what enhan'ements ea'h is willin2 to use7 unwillin2 to use7 or will re(uire e used# De2otiations lo'+s have four %arts7 %ro%erty7 value7 dire'tion >always with res%e't to the ne2otiator@7 and stren2th >of %referen'e@# 6f a2ents are una le to dis'over a 'ommon set of al2orithms7 a%%ro%riate a'tions should e ta+en# Continuin2 to re(uest a refused o%tion is 'onsidered ineffe'tual and ina%%ro%riate#
*# example #e$otiatio# li#e would e: 2HTTP%5e(%Excha#$e%*l$orithms: recv%re'uired6,2*75er %/

5o mean that messa2es to this ma'hine must use Ker eros 5 or .$& en'ry%tion to e1'han2e +eys#

5he modes availa le are >re'vEEori2@->o%tionalEEre(uiredEErefused@# 5he +eywords <re'v< and <ori2< indi'ate re'eive or ori2inate7 res%e'tively# Faria le +ey len2th 'i%hers are referred to as 'i%her[len2th]7 or 'i%her["1-"2]7 where len2th of +ey is len2th7 or in the 'ase of "1-"27 is etween "1 and "27 in'lusive# Ci%her without a len2th notation shall indi'ate a willin2ness to a''e%t any defined +ey len2th for a 'i%her#
Headers i# the #e$otiatio# ca# e:

2HTTP%Privac(%8omai#s: 2HTTP%9ertificate%T(pes: 2HTTP%5e(%Excha#$e%*l$orithms: 2HTTP%2i$#ature%*l$orithms: 2HTTP%:essa$e%8i$est%*l$orithms: 2HTTP%2(mmetric%9o#te#t%*l$orithms: 2HTTP%2(mmetric%Header%*l$orithms: 2HTTP%Privac(%E#ha#ceme#ts: ;our%5e(%Patter#:

$H55P-Priva'y-:omains 'an e P0*7 PKC$-)7 or PBP# $H55P-Certifi'ate-5y%esG 'an e e1tended form PKC$-!7 or H#5/-# 5his is stron2ly related to7 ut not de%endent on7 $HH5P-Priva'y- :omains# $H55P-Key-01'han2e-&l2orithmsG 'an e Out and7 6n and7 .$&7 or Kr - kv >for Ker eros-version@# Out and refers to any e1ternal7 or %rearran2ed +ey# ?or the situation of only a server havin2 a +ey7 and not e1%e'tin2 the 'lient to have any +ey7 the messa2e isG $H55P-Key-01'han2e&l2orithmsGori2-o%tionalI6n and7 .$&J re'v-re(uiredI.$& $H55P-*essa2e-:i2est-&l2orithmsG Can e <.$&-*:27< <.$&-*:57< or <D6$5-$H$#<
2HTTP%2(mmetric%9o#te#t%*l$orithms: 9a# e a#( of 8E2%9<9 8E2 i# 9ipher <loc1 9hai#i#$ =9<9> mode =?@P2 A1> B11C> 8E2%E8E%9<9 2 5e( 38E2 usi#$ E#cr(pt%8ecr(pt%E#cr(pt i# 9<9 mode 8E2%E8E3%9<9 3 5e( 38E2 usi#$ E#cr(pt%8ecr(pt%E#cr(pt i# 9<9 mode 8E2D%9<9 ,2*Es 8E2D i# 9<9 mode @8E*%9?< @8E* i# 9ipher ?eed ac1 :ode B12C ,92%9<9 ,2*Es ,92 i# 9<9 mode ,94 ,2*Es ,94 98:?%9<9 @<:Es 98:? =wea1e#ed 1e( 8E2> B24C i# 9<9 mode

?or a 2ood overview of all these 'i%hers7 e1'e%t .C47 :0$H and C:*?7 see >$'hneier7 1--4@# .C4 was a se'ret al2orithm until it was %osted to Cy%her%un+s in O'to er 1--47 where some dis'ussion too+ %la'e >see Cy%her%un+s &r'hive@# :0$H is a sli2htly stren2thened version of :0$# C:*? is a :0$-li+e 'i%her with a 4/ it real +eys%a'e#
2HTTP%2(mmetric%Header%*l$orithms: 9a# e a#( of 8E2%E9< 8E2 i# Electro#ic 9ode oo1 =E9<> mode =?@P2 A1 B11C> 8E2%E8E%E9< 2 5e( 38E2 usi#$ E#cr(pt%8ecr(pt%E#cr(pt i# E9< mode 8E2%E8E3%E9< 3 5e( 38E2 usi#$ E#cr(pt%8ecr(pt%E#cr(pt i# E9< mode 8E2D%E9< ,2*Es 8E2D i# E9< mode @8E*%E9< @8E* ,92%E9< ,2*Es ,92 i# E9< mode 98:?%E9< @<:Es 98:? i# E9< mode

& dis'ussion 'i%her modes is eyond the s'o%e of this %a%er7 ut 'an e found in >?6P$ ,1@ or >$'hneier7 1--47 'ha%ter ,@# &2ain7 C:*? and :0$H are (uestiona le al2orithms7 ut the authors 'hose to allow fle1i ility# >*att 3la8e ; Carl 0llison oth %rovided useful overviews of C*:? ; :0$H here a out 3 wee+s a'+# 5han+s a2ainK@ $H55P-Priva'y-0nhan'ementsG Can e any or all of <si2n7< <en'ry%t7< or <auth#< &uth differs from si2n in that auth %rovides a +eyed hash of the messa2e in a *&C7 while si2n %rovides a di2ital si2nature# Lour-Key-PatternG is a way to tell the other %arty what +eys to use within the o%tions ne2otiated# 5here are many o%tions ; %ossi ilities# ?or a 'om%lete list refer to the .es'orla draft7 whi'h 'on'ludes this se'tion withG ?or e1am%le7 to re(uest that the other a2ent si2n with a +ey 'ertified y the .$& Persona C& >whi'h uses name su ordination@ one 'ould use the e1%ression elow# Dote the use of .?C-14,5 (uotin2 to %rote't the 'omma >an .?C-14,5 field se%arator@ and the ed-style (uotin2 to %rote't the dot >an ed meta'hara'ter@#
;our%5e(%Patter#: 8F%14A/7 /.+6Perso#a 9ertificate7 .6G,2* 8ata 2ecurit(7 @#cH.G/

$e'ure H55P defines defaults for all these values# 5hose defaults may e ne2otiated u%wards or downwards7 and areG 5o use PKC$-) or P0* to en'ode messa2esJ to e1'han2e +eys7 and si2n messa2es usin2 .$&# *:5 is used as the messa2e di2est7 and >sin2le@ :0$7 in various modes7 is used as the ul+ 'i%her#
3. Message Format Options 5he format of the ody of a messa2e is indi'ated y the Content-Priva'y-:omain $H55P header line# 5here are several a''e%ta le Content-Priva'y-:omains7 whi'h are P0*7 PBP7 and PKC$- )# Mnder PKC$-)7 the most interestin2 o%tion is a self si2ned si2nature 'ertifi'ate in a messa2e ody# 5his is %ermitted7 and no assertions are made to its relia ility# 5his allows im%lementors a 2reat deal of fle1i ility# Other PKC$-) o%tions in'lude en'ry%tion >with a %u li' +ey7 or some %rearran2ed set@# Msin2 a domain of P0* or PBP7 the messa2es are en'oded with <strai2ht< PBP or P0* # 9ith some minor header 'han2es7 the ori2inal H55P a''ess authori8ation %roto'ols 'an e made 'om%ati le with the P0* format# 4. Error Conditions and Retry Behavior Dot all errors in $e'ure H55P result in 'onne'tions ein2 'losed# $ome will re(uire a new attem%t7 with different o%tions# 5he 3HH set of redire'tion 'odes %rovides the uildin2 lo'+s on whi'h to %erform redire'tion# Clients must inter%ret server messa2es to de'ide on the a%%ro%riateness of a retry# 5he 'lient should %ossi ly 'ommuni'ate with the user to determine what the a%%ro%riate a'tion is#

5here are a num er of s%e'ifi' sets of a'tions whi'h res%onses mi2ht su22est# 5he H55P res%onses AMnauthori8ed 4/1A 'ould e a failure of authenti'ation7 while APayment.e(uired 4/2A has o vious meanin2s# 5he ehaviors in these 'ases are not s%e'ified y $e'ure H55P7 ut the a'tions leadin2 to them mi2ht e %erformed in a %riva'y enhan'ed session#

& A$e'urity.etry 42/A messa2e indi'ates that the 'ry%to2ra%hi' o%tions in use are insuffi'ient7 and su22ests that an o%tion re- ne2otiation mi2ht e in order# 6f the messa2e was sent under $- H55P7 the res%onse will indi'ate what o%tions are desired >or demanded@# 5his 'an for'e a new %u li' +ey ne2otiation7 or offer a new non'e for freshness# 6f the 42/ messa2e is re'eived under H55P7 it indi'ates that an $-H55P messa2e should e sent# 5he %arameters desired are in'luded in the res%onse# 5here are limits %la'ed on automati' retries7 e'ause of atta'+s %ossi le with H55P# 5he 'lient is only allowed if the server re(uestin2 the retry already has the information# $ome a''e%ta le times to retry in'ludeG
• • •

5he retry res%onse was returned en'ry%ted under an in and +ey freshly 2enerated for the ori2inal re(uest# 5he retry res%onse was si2ned y the intended re'i%ient of the ori2inal re(uest# 5he ori2inal re(uest used an out and +ey and the res%onse is en'ry%ted under that +ey#

5he authors7 a%%ro%riately7 ur2e 'aution in 'hoosin2 when to automati'ally res%ond to a reen'ry%tion re(uest# 5hey also %rohi it automati' re-tryin2 a si2nature7 and allow for automati' retryin2 of a *&C authenti'ation failure#
5.O der servers 5here are several issues that 'an o''ur when a 'lient and server do not oth su%%ort $-H55P7 or when they su%%ort different versions of the %roto'ol# 6f the 'lient doesn<t send a messa2e with the a%%ro%riate se'urity enhan'ements7 the server should res%ond with a AMnauthori8ed 4/1A messa2e# 6n addition7 the %roto'ol defines a new M." %roto'ol desi2nator7 <shtt%#< $in'e a 'lient won<t +now how to dereferen'e this M."7 they will not 'ome in 'onta't with this %ro lem# !. Other detai s $-H55P uses a %roto'ol s%e'ifier of A$HH5P#A 6t su%%orted y $e'ure *osai'7 from 065# Do referen'e version is availa le today#

C. The threats 5hreats to $-H55P are similar to those a2ainst $$"# However7 the more 2eneral nature of $-H55P ma+e it diffi'ult to assess e1a'tly what is %ossi le# 6n the 'ase of a ha'+er7 or loo+er7 the atta'+ on a C& may e more diffi'ult7 due to the e1isten'e of multi%le C&s# & +ey 'ould theoreti'ally e verified y several C&s7 ma+in2 an atta'+ infeasi le# 6nsiders have similar o%tions7 ut an e1%anded a ility to wrea+ havo' within an H5*" do'ument# &. The $rotections offered 5he default o%erational mode of $-H55P is su stantially more resistant to atta'+ than that of $$"# 6t resists 'lear te1t 'ry%tanalysis7 *an 6n 5he *iddle7 and re%lay atta'+s# 6t is more ro ust than $$"7 e'ause o%tion rene2otiation and retries are %ermitted#

6n addition7 the 'ost of 'lear te1t 'ry%tanalysis of :0$ is su stantially hi2her than that of .C4-4/# >.e'all that :0$ is the default 'i%her for $-H55P7 and .C4-4/ is the default 'i%her for $$"#@ 5o rea+ an .C4-4/ +ey in a out month 'osts a out N125# 5o rea+ a :0$ +ey in one month 'osts a out N1/7/// >e1tra%olated from 9iener7 1--4@ & 5! it :0$ +ey 'osts one million dollars to rea+ in ) hours# >9iener7 1--4@ 5his 'ost s'ales u% and down in a linear fashion# >6#0#7 a 1C2 million dollar ma'hine will ta+e 14 hours@# & month has )2/ hours >24 hours 1 3/ days@7 whi'h is 1/2 %eriods of ) hours# 5he 'ost of rea+in2 :0$ in rou2hly one month is thus a out N1/ ///7 as o%%osed to N125 for 4/ it .C4# '. (eaknesses 5he use of in and +ey e1'han2e is %otentially very %ro lemati'J the authors don<t s%end enou2h time ensurin2 +eys are transferred %ro%erly# &n im%ro%er transfer would e a s'heme that sends Key 3 as 0a>3@# 5hat is to say7 +ey 3 whi'h re%la'es +ey & 'an not e sent usin2 +ey & to en'ry%t it# 6f an atta'+er has ro+en +ey &7 then he will have +ey 37 and the 'han2e of +ey is a waste of time >with res%e't to that atta'+er#@ 01a'tly this mista+e was made often y the Oa%anese in 9orld 9ar 5wo# >Kahn@ 01%e'tin2 %ro2rammers to learn from this mista+es of others >es%e'ially 5/ year old mista+es@ is a %oor et# $-H55P7 in ein2 fle1i le7 may offer a %ro2rammer enou2h ro%e to han2 themselves# &dmittedly7 it does not offer very many ro+en o%tions7 ut it doesn<t seem to have anythin2 li+e $$"<s A0n'ry%t everythin2 and don<t sweat itA attitude# & %ro2rammer7 es%e'ially one not familiar with issues of se'urity and 'ry%to2ra%hy7 'ould thin+ AMsin2 $-H55P will %rote't meA and totally fail to %rovide any 'ry%to2ra%hi' %rote'tions for his information# 5he li+elihood of this ha%%enin2 may e o%en to (uestion7 ut the %ro lem is worth 'onsiderin2#

5ransa'tion serverG
+ transa!tion server is a software component that is used in implementing transactions" + transaction involves multiple steps which must be completed atomically, as though it is a single operation which can not be interrupted, even though it may re&uire multiple steps" For e(ample, a bank moving money from account + to account 4 must remove it from + and also add it to 4C it would be unacceptable to do only one of these steps" !f the server is unable to accomplish all of the steps it must be sure to perform none of them" This will mean ensuring that transactions are guaranteed, or that if a transaction fails the system can tell this has happened" !n case of transaction failure, it can be 0backed out0 (or 0rolled back0 , which will mean that the system reverses all the actions that happened during the partial completion of the transaction" This is sometimes referred to as the +6!D property"
#citation needed %

+ transaction server will consist of a system providing the safety described above, and an environment where programs can be written to make use of these features" !t will also have various connection protocols to allow it to connect to the databases involved, and to the front end software (for e(ample the computer of a telesales person or the web interface of an online bank "

& transa'tion server mana2es usiness transa'tions# 6t sits in the middle7 etween the 'lient and the server and a'ts as 2lue7 holdin2 essential data %ro'essin2 a'tivities to2ether# 6t allows hu2e amounts of information to remain a''urate and ensures transa'tions are 'om%leted without interru%tion or data 'orru%tion# & transa'tion server sits ri2ht in the middle of a system7 mana2in2 transa'tions as they 8oom around different networ+s# 5he transa'tion server is res%onsi le for maintainin2 hi2h %erforman'e7 availa ility and data inte2rity# 6t also ma+es sure that no 'om%uter has too mu'h or too little to do# Transaction Server A$$%ications 5ransa'tion servers are est suited to se'ure7 hi2h-s%eed a%%li'ations su'h asG
• • • • •

0-'ommer'e $to'+ mar+et tradin2 &irline reservations Credit-'ard verifi'ation Online an+in2 transa'tions

9hen a transa'tion server sees that one 'om%uter has een sent too mu'h wor+7 it automati'ally divides the wor+ amon2 all availa le 'om%uters7 %oolin2 resour'es to %revent any one ma'hine from 'rashin2# 9hen it u%dates data ases7 a transa'tion server also %erforms what<s +nown as state mana2ement# 6f it senses that a 'om%uter 'an<t 'om%lete a transa'tion7 it ma+es the software a'+ out and return to its ori2inal state without data 'orru%tion# Lou don<t want half %ro'esses# Lou need to have oth data ases 'om%letely u%dated and7 if the %ro'ess fails7 to a'+ out as if the transa'tion never o''urred# A Process & transa'tion server is 'onsidered more of a %ro'ess than a 'on'rete %ie'e of hardware or software# 6t<s e'omin2 in'reasin2ly rare to see a transa'tion server sold as a se%arate %rodu't# 6t<s either %art of a 'om%uter<s o%eratin2 system or %art of the middleware P software that sits etween a smaller 'om%uter7 'alled a 'lient7 and a lar2er one7 'alled a server# *iddleware ma+es sure that when the 'lients re(uest information7 the servers %rovide it7 even thou2h they mi2ht e ased on different 'om%utin2 %latforms#

One of the fundamental 'hara'teristi's of middleware is inde%enden'e and o%enness# 6t<s a 2enerali8ed infrastru'ture to whi'h a lot of tools 'an e a%%lied# 3a'+ in the days of the mainframe7 the transa'tion server was 'alled a transa'tion monitor# 6t e1%anded eyond mainframes to ta+e on the role of administerin2 distri uted o Qe't-oriented a%%li'ations in 'lientCserver 'om%utin2# O Qe't-oriented 'om%uter %ro2rams are ased on software rules that allow little 'hun+s of %ro2rams to a't as inde%endent o Qe'ts that wor+ to2ether throu2h the messa2es %assed amon2 them# 5hey are modular and reusa le7 so %ro2rammers don<t have to re%eatedly write the same o Qe'ts# 5hey 'an also swa% out one o Qe't for another without havin2 to rewrite the entire %ro2ram# & transa'tion server wor+in2 as middleware also solves a uni(ue %ro lemG &t first there were only 'lients and servers7 ut there was never a %la'e to e1e'ute a%%li'ations# 6t was always Qammed into the 'lient or into the a'+-end data ase# *iddleware fills that 2a% etween the 'lient and the server# 'nca$s!%ates nfrastr!ct!re 9herever it resides7 the transa'tion server en'a%sulates the underlyin2 infrastru'ture of a %ro2ram# 6t %rovides an environment in whi'h the software develo%er doesn<t have to write underlyin2 'ode in order to write an a%%li'ation# 6n the future7 it<s %ossi le we may not even use the term transa'tion server e'ause its fun'tions will e rolled into other %rodu'ts# Additiona% Ty$es of Midd%eware 3esides transa'tion servers7 there are five other ty%es of middlewareG
• • • •



)'*AC+ [older a%%li'ations that use different te'hnolo2y than the newer systems installed at an or2ani8ation]G Pulls to2ether and a''esses Ale2a'yA a%%li'ations# &ATA ACC'SSG Provides syn'hronous 'onne'tions amon2 a%%li'ations and different ty%es of data ases to su%%ly the re(uested data# ,'MOT' P,OC'&-,' CA)). Provides a lin+ etween the re(uestin2 a%%li'ation and a remote a%%li'ation M'SSA*'"O, '/T'&G &%%li'ations ma+e re(uests y %assin2 messa2es dire'tly to middleware with 2uaranteed delivery# *essa2es a't li+e re'ords7 'allin2 for a'tion and su%%lyin2 the in%ut needed for that a'tion O#0'CT"O, '/T'&G $u%%lies and mana2es 'ommuni'ation amon2 distri uted o Qe'ts7 whi'h are self-'ontained7 reusa le %ro2ram modules

5his 'on'e%tual drawin2 shows the transa'tion server sittin2 etween the 'entral server and three 'lients# 6n the model it<s a'tin2 as the middleware layer and isG
• • • •

*aintainin2 %erforman'e and availa ility Prote'tin2 transa'tions Preventin2 data 'orru%tion "oad alan'in2 to %revent systems from overwor+in2

Transaction Server 63*<s C6C$ 5ransa'tion $erver is transa'tion-oriented middleware infrastru'ture that ena les solution develo%ers to fo'us on usiness fun'tionality and end-user issues7 rather than the dee%7 te'hni'al issues often asso'iated with middleware# 5he enefit to solution develo%ersR Hi2h (uality %rodu'ts with faster time to mar+et# C6C$ 5ransa'tion $erver %lays a +ey role in distri uted a%%li'ation %ro'essin2# C6C$ 5ransa'tion $erver whi'h in'ludes %rodu'ts su'h as C6C$ Clients7 %rovides fun'tions and servi'es that sim%lify a%%li'ation develo%ment and 'ross %latform im%lementation# C6C$ 5ransa'tion $erver also ta+es advanta2e of the ro ustness of the O$C3-/ %latform thus deliverin2 hi2hly availa le and s'ala le solutions# 9ith the C6C$ Client te'hnolo2y ein2 in'or%orated in the C6C$ 5ransa'tion $erver %a'+a2e7 this delivers a sim%le &P6 for modifyin2 a%%li'ations to %rovide 'lient server C6C$ solutions# & first ste% in %artnerin2 with 63* is Qoinin2 the 63* 5ransa'tion $erver Partners in :evelo%ment %ro2ram# Ooinin2 the 5ransa'tion $ystems Partners in :evelo%ment %ro2ram allows you 2ain a''ess to the tools and resour'es needed for develo%in2 your C6C$-ena led a%%li'ations# 5his %ro2ram is also desi2ned for solution develo%ers who develo% or %ort 5H$eries- ased solutions to 'lientCserver environments# 9hy not e'ome a mem er todayR

TP monitor


• • • • • •
.hort for transaction processing monitor, a program that monitors atransaction as it passes from one stage in a process to another" The TP monitor,s purpose is to ensure that the transaction processes completely or, if an error occurs, to take appropriate actions" TP monitors are especially important in three-tier architectures that employload balancing because a transaction may be forwarded to any of severalservers" !n fact, many TP monitors handle all the load balancing operations, forwarding transactions to different servers based on their availability" Previous Term Term 8e(t (hat ty$e of network do need1 How wi%% (A/ o$timi2ation he%$ my network1 How do de$%oy (ire%ess )A/1 (hat are /etwork To$o%o3ies1 How do sec!re my wire%ess network1 (hat a$$%iances wi%% TP monitor sec!re my network1 (hat wire%ess networkin3 How &o O$timi2e standard do !se1 My (ire%ess )A/1

2ro#&ware6 Shared Tho#ghts7 Shared

edia7 and Shared

ode"s

?a'es Patrick ,illia's patrickKclockwerks.co' #*- CI0T ;nowledge /anage'ent -yste's April ==( =>>C

-chool of *nfor'ation The !niversity of Texas at Austin

Lroupware .ackground M 3efinitions Types of Lroupware Applications 5o'ponents of Lroupware Applications The "ole of Lroupware in ;nowledge /anage'ent Lroupware 3esign and *'ple'entation *ssues Awareness 5hallenges of Lroupware -yste's 5auses of Lroupware -uccess 5auses of Lroupware 2ailure The 2uture of Lroupware "eferences

Lroupware .ackground M 3efinitions
*n the 'ost general ter's( co'puters( since their invention( have been e'ployed to increase hu'an productivity. ,hether this increase is 'anifested in co'putations+per+second or in reduction in workforce( the subtext to achieve'ents 'ade in co'puting technology has been a constant drive to support and aug'ent the 'anner in which people work. As co'puting power has increased( supporting groups( rather than individual workers( has beco'e the focus of 'uch research and develop'ent. The field of 5o'puter+-upported 5ooperative ,ork (5-5,)( officially identified and asse'bled by Paul 5ash'an and *rene Lrief in 1EIA (Lrudin( 1EEA)( therefore( has been in existence 'uch longer than this date i'plies.

5-5,( often considered synony'ous with groupware( concerns software and technology that provide a 'eans for hu'an collaboration (#ococo M Yen( 1EEI( p. IF). /any related groups hold the concepts of 5-5, and groupware at the core of their practice( a'ong the' 5o'puter -upported 5ooperative #earning (5-5#)( 5o'puter+Assisted -oftware Dngineering (5A-D)( 5o'puter+Assisted 3esign (5A3)( 5o'puter+Assisted /anufacturing (5A/)( and Lroup 3ecision -upport -yste's (L3--). ,ith the proliferation of the world wide web( businesses have 'oved to leverage the vast increases in connectivity between individuals to facilitate and track training and encourage both independent and group+oriented educatio . This new real' of e+learning is large in scope and is seen by 'any as a fra'ework for organi:ational knowledge 'anage'ent. This widespread engage'ent of 5-5, ideas is a testa'ent to the ubi)uity of 5-5, in 'odern co'puting.

The for'al idea of groupware currently e'braced by the disciplines listed above is based pri'arily on #otus 8otes (#ococo M Yen( 1EEI( p. E>)( but the 'any different definitions and ideal feature sets for groupware are 'ore diverse and intangible. *n essence( concepts like hypertext( peer+to+peer networks( even A"PA8DT have their roots in groupware. The pri'ary focus of groupware applications is to connect people and allow the' to work( learn( and create together. This focus is carried out in a nu'ber of different 'anners%

 Communi'ation and 'oordination tools li+e *i'rosoft Outloo+ and Dovell Brou%9ise  9or+flow and 'olla oration tools li+e Broove and 9e 01  Peer-to-%eer learnin2 a%%li'ations li+e Collo(uia
-calia and -ack'ary cite as a 'a9or goal of groupware the provision of $a 'ultiple+user environ'ent in which participants can evaluate each other s contributions and( through a collaborative process of focused activities and dialogue( develop ideas and 'ake decisions$ (1EEF). #ococo and Yen provide the following conception of groupware capabilities%

Lroupware produces shared thoughts( shared 'edia( and shared 'odels. 5ollective thought is 'oved into a higher level when the traditional group interaction is eclipsed by the use of such collaborative tools. Dfficient sharing of ideas can be transfor'ed into shared understanding and into shared priorities. (1EEI( p. E1) These definitions place e'phasis on groupware as the )uintessential knowledge 'anage'ent technology. However( the vastness of the concept of groupware provides little structure or direction to those seeking knowledge 'anage'ent solutions for their organi:ations. 5lases and ,ehner further identify the ability $to ac)uire knowledge entities and to opti'i:e the storage( navigation and distribution of these separable units of knowledge in databases$ as the 'ost significant tasks for the co'puter support of knowledge 'anage'ent (=>>=( p. A=). .ardra' spotlights what 'ay be the proble' in engineering these capabilities% $because we do have a pretty good idea of what is 'eant by co'puter support ... confusion lies in understanding the nature of what we 'ean by cooperative wor#$ (1EEI( p. IE).

This paper will pri'arily focus on the conceptual fra'ework of groupware( the $what we 'ean by cooperative work$ di'ensions( including the driving forces of such work( na'ely awareness( shared context( and identity. The successful groupware and knowledge 'anage'ent solutions available in the 'arketplace today reflect the i'portance these concepts representN the sheer volu'e of products reflect the diversity in groupware needs and definitions at play. The )uestion addressed here is not what belongs in a groupware solution( but rather how people use groupware and why. ,hat are the li'itations and challenges of hu'ans working together in a virtual spaceB Are physical world 'etaphors helpful or do they do 'ore har' than goodB

*t is 'ost i'portant to note that groupware( workgroup co'puting( 5-5,++ whatever na'e is applied to co'puter+'ediated collaboration++ has been at the center of co'puter technology since the beginning. The ideas e'bodied by current software products proposing knowledge 'anage'ent and groupware solutions are based on goals that have been a part of the co'puting world since its inception% to aug'ent hu'an ability and intellect.

Types of Lroupware Applications
.ack to top

As 'entioned above( the variety of groupware applications is rivaled only by the nu'ber of discreet definitions of what groupware should do. *'portant concepts in differentiating types of groupware applications include workflow focused( co''unication focused( what+you+see+is+what+*+see (,Y-*,*-)( synchronous (real+ti'e)( and asynchronous (content repositories). Lroupware applications 'ay represent a co'bination of any or all of these criteria.

-calia and -ack'ary describe three categories of groupware( based on the level of co'plexity% e'ail and electronic bulletin boards( co'puter conferences( and group decision support syste's( which $pro'ote discussion and analysis of proble's and i'prove the speed and )uality of the decision+ 'aking process$ (1EEF). ,hile these categories do highlight a clear hierarchy of groupware uses( actual groupware syste's generally exhibit foggier boundaries.

3epending on the situation( the ideal 'ix of groupware di'ensions can differ greatly. ,hile synchronous groupware applications often atte'pt to replicate the dyna'ics of face+to+face co''unication (such as videoconferencing)( the task+centered virtual environ'ent 'ay not re)uire such a feature. Lreenspan( Loldberg( ,ei'er( and .asso note that $being able to share 'aps( drawings( text( etc.( is often 'ore i'portant than seeing the other s face$ (=>>>( p. =0=). ;raut( Lergle( and 2ussell suggest that $the benefit of visual infor'ation co'es fro' allowing collaborators to share the work area rather than fro' seeing one another$ (=>>=( p. C1).

2urther'ore( Lutwin and Lreenberg note that with relaxed+,Y-*,*- syste's( in which the user sees a blend of both private and group view( 'aintaining awareness of others in the workspace can be a considerable proble' (=>>=( p. A10). Lutwin( "ose'an( and Lreenberg explain this awareness proble' with a basic rule of groupware present in 'uch of the literature% $increasing individual control reduces the group focus inherent in ,Y-*,*- environ'ents$ (1EEF( p. =0E).

-uccessful groupware applications re)uire that the co'bination of these di'ensions be tailored to the task to be co'pleted in the 5-5, environ'ent. 7ne+to+'any co''unication 'ay be well suited to one+way strea'ing video( while the group editing of a docu'ent de'ands the co''on focus of a strict ,Y-*,*- environ'entN an application supporting a coordination 'eeting a'ong geographically+ dispersed executives working with a co''on client 'ay re)uire a co'bination of videoconferencing and shared workspace features.

5o'ponents of Lroupware Applications
.ack to top #ococo and Yen identify perhaps the 'ost i'portant ele'ent of collaborative syste's( often overlooked as a functional co'ponent% people (1EII( p. EC). The authors focus on both facilitators and decision 'akers as the co''on link a'ong all other co'ponents of the groupware syste'. /any argue that( within the fra'ework of groupware( users can and should serve in design roles as well.

Apart fro' the users of a syste'( the basic co'ponents of groupware applications include ob9ects and concepts of a fa'iliar variety. The basic regions of 5-5, applications include% e'ail( docu'ent 'anage'ent( workflow( infor'ation sharing( access to shared data sources( collaborative tools (8ewning( 1EE@( p. 0F)( networking( co''unications tools( concurrent processing( windowing environ'ents (Lrudin( 1EE1)( 'e'os( databases( custo'er files (#ococo M Yen( 1EEI( p. I>)( contact 'anage'ent utilities (,hittaker( ?ones( M Terveen( =>>=( p. =1F)( awareness tools such as 'iniature views and radar (Lutwin M Lreenberg( 1EEIb( p. 01F)( shared whiteboards( docu'ent 'arkup( discussion groups (,erbach( =>>=)( and public and private calendars (;yng( 1EE1).

The "ole of Lroupware in ;nowledge /anage'ent
.ack to top *n ter's of knowledge 'anage'ent( groupware fulfills a nu'ber of specific roles. #otus 8otes( the standard conception of a groupware application( supports two of these specific knowledge 'anage'ent rolesN it enables both co''unication and group 'e'ory (,hittaker( 1EEF( p. A>E). Lroupware syste's not only facilitate and provide a foru' for organi:ational co''unication( but collect and store this co''unication as well. These dual roles represent 5lases and ,ehner s $'ost significant tasks$ 'entioned above( and reflect their $'ore 'odest approach$ of 5-5,( to $aug'ent organi:ational 'e'ory$ (=>>=( p. A=).

*n addition to knowledge generation and storage( Lutwin and Lreenberg note a general knowledge 'anage'ent role that all groupware syste's should support( providing users with infor'ation about their collaborators (=>>=( p. A1F). This is a 'ore i''ediate( real+ti'e need within a virtual environ'ent( and Lutwin and Lreenberg have pursued a great deal of research on awareness in virtual work environ'ents that will be addressed later in this paper.

Lroupware can also set the pace for knowledge workflow in an organi:ation. 3ix states that the ability

for a groupware syste' to 'atch the pace of the cooperative task is para'ount to its success( and that $different tasks have different paces($ and re)uire appropriate 'eans of notification (1EE@( p. 101). -i'ilarly( groupware syste's can also control co''unication and disruption% $the flip side to initiative is interruption. *f other people or things have the responsibility for telling you when things happen( they 'ay tell you when you least want the' to6$ (3ix( 1EE@( p. 101). A groupware solution should be able to 'anage pace and co''unication relative to the tasks it is e'ployed to aug'ent.

Additionally( groupware can be utili:ed to 'anage conflict. ;yng states that groupware is often responsible for identifying conflict( preserving a record of it until $procedures can be set up to handle it$ (;yng( 1EE1).

-tructured conversational interaction such as that available in the threaded discussions of #otus 8otes (,hittaker( 1EEF( p. A1>)( can serve to facilitate conversation and bring out conflict( but they can also i'pede the conversation and knowledge generation% "ather than facilitating conversation( atte'pts to 'aintain conversational focus by i'posing a rigid topic structure 'ay inhibit interaction. Providing prior topics 'ay actually serve as a filter on conversations% if users are uncertain of the structure of the database( or its $rules of conduct$( they 'ay choose not to participate. (,hittaker( 1EEF( p. A1F) All of the roles described above also support coordination a'ong 'e'bers of an organi:ation( which 'ay be the 'ost i'portant facet of groupware for knowledge 'anage'ent. Dffective groupware syste's 'ust add di'ension to relationships a'ong people in different locations( not 'erely atte'pt to replicate physical interaction. -uch syste's cultivate shared awareness( such as #ococo and Yen s $shared thoughts( shared 'edia and shared 'odels($ (1EEI( p. E1)( allowing users to%

      

Coordinate with ea'h other<s s'hedules 6dentify and isolate ste%s in the wor+ %ro'ess ?ind7 assess7 and intera't with or2ani8ational +nowled2e 6dentify and e1%lore lin+a2es etween 'owor+ers >so'ial networ+s@ :evelo% and raod'ast new +nowled2e $hare and mani%ulate di2ital o Qe'ts 0asily orient themselves amon2 'owor+ers in the virtual environment
These categories illustrate the i'portance of users taking active role in groupware for it success as a knowledge 'anage'ent solution. *t has already been noted that people the'selves 'ay be the 'ost i'portant co'ponents of groupware syste's. The philosophy driving knowledge 'anage'ent today holds that people are the assets( and 'ust be encouraged to i'part their value to others. *t is no

surprise that the issues facing knowledge workers and groupware developers often reflect psychological and sociological concerns.

Lroupware 3esign and *'ple'entation *ssues
.ack to top 5-5, is based on collective hu'an activity and( as such( its use and value 'ay be directly affected by group+interaction patterns( group+develop'ent processes( participant attitudes( and all the 'yriad social factors that are found in any work group. (-calia M -ack'ary( 1EEF) As people can be considered the pri'ary co'ponent of groupware syste's( so can they be considered the genesis of 'ost proble's facing successful groupware i'ple'entation. -calia and -ack'ary shed light on a truis' that can 'ake or break an organi:ation s adoption of a groupware solution for knowledge 'anage'ent. ,asserschaff and .entley recogni:e that individual user buy+in is an i'portant factor in syste' success and discuss $the need for groupware syste's to recogni:e and support individual differences$ and highlight $the tension in 'any existing syste's which seek to support these differences only to the extent that they do not li'it the syste' s ability to 'aintain a co''on context for the group s work$ (1EE@( p. C=C).

Lronback( ;yng( and /orgensen (1EEC) state that $users do not 'ake explicit distinctions between working in cooperative or individual 'odes ( they 9ust want to carry out their work($ supporting their view that 5-5, $should be provided as open building blocks that can be s'oothly integrated with existing types of applications.$

The state'ents above reflect the 'ultitude of issues a designer 'ust face in the develop'ent of groupware design and i'ple'entation. The factors at play that influence user perception of a groupware syste' can basically be approached in ter's of awareness.

Awareness
.ack to top 3ourish and .elotti state that $awareness infor'ation is always re)uired to coordinate group activities( whatever the task do'ain$ (1EE=( p. 1>@). 5-5, is no exceptionN in the groupware

environ'ent( awareness is 'anifested in a nu'ber of ways% as workspace awareness( in feedthrough( and through shared context. Lutwin and Lreenberg provide a description of the i'pact of awareness in a virtual environ'ent versus face+to+face co''unication% ,hile staying aware of others is so'ething that we take for granted in the everyday world( 'aintaining this awareness has proven to be difficult in real+ti'e distributed syste's where infor'ation resources are poor and interaction 'echanis's are foreign. As a result( working together through a groupware syste' often see's inefficient and clu'sy co'pared to face+to+ face work. (=>>=( p. A11) ,hile perhaps clu'sy( 'ethods of working in successful groupware syste's 'axi'i:e what Lutwin and Lreenberg call $workspace awareness($ which they define as $the up+to+the+'o'ent understanding of another person s interaction in the shared workspace$(=>>=( p. A1@). .y providing an understanding of what other users are doing and how the environ'ent is changing( this awareness( 3ourish and .elotti hold( provides users with the context for their own activities (1EE=( p. 1>@).

,orkspace awareness is not an easy aspect of a groupware syste' to 'anage( as $how it happened$ is rooted in the $occurrence of actions in ti'e( i'plicitly noted and understood while they happen( but so hard to reconstruct afterwards$ (3ix( 1EE@( p. 1AE). .ecause these reconstructions are difficult( constant workspace awareness is necessary. A constant strea' of workspace awareness infor'ation is referred to as $feedthrough($ or shared feedback. *n addition to providing the user with infor'ation about the changes( decisions( and locations of other users( feedthrough helps users to understand that their own actions are visible as well.

Lutwin and Lreenberg present an exa'ple of feedthrough in a shared workspace in which a graphical interface button reacts to one user s 'ouse behavior in 'anner that is visible to everyone in the workspace (1EEI( p. =11). *n 'ore co'plex tasks( such as browsing or selecting fro' a 'enu( only relevant infor'ation is trans'itted to other users( such as the specific 'enu choice. The benefits of workspace awareness and feedthrough are best su''ed up by Lutwin and Lreenberg in another paper% $,orkspace awareness is used in collaboration to coordinate activity( to si'plify verbal co''unication( to provide appropriate assistance( and to 'anage 'ove'ent between individual and shared work$ (1EEIb( p. 011).

*dentity within a groupware syste' is another kind of awareness. 2irst of all( identity 'akes the processes of workspace awareness and feedthrough possible by supplying actors for the actions.

-econdly( where workspace awareness and feedthrough provide a running co''entary of other users actions( identity is often engaged as a 'eans of deter'ining what actions user can and cannot undertake in the group environ'ent. This is called $role restriction.$

,hile $role restriction$ 'ay see' like a feature that suppresses the activity of users( 3ourish and .elotti fra'e it as a 'eans of facilitating activity. $7ne of the efforts of role support... is to reduce uncertainty about the actions an individual 'ight take( and hence provide greater awareness a'ong participants of others likely activities$ (1EE=( p. 1>E).

"ole restriction is also useful as a 'eans of access control (.entley( Appelt( .ushbach( et al.( 1EE@)( and can be an effective 'eans of 'otivation as well. *dentity i'plies accountability( which greatly i'pacts 'otivation( and user 'otivation is para'ount to the success of a groupware syste'.

5hallenges of Lroupware -yste's
.ack to top Lrudin (1EE1) describes the general challenge of designing effective groupware%$...our effortless interactions with others 'ake it easy to overlook the co'plexity of workplaces and the poorly understood nature of collaboration in general.$ This echoes .ardra' s clai' about learning $what we 'ean by cooperative work.$ The challenges facing groupware designers are diverse and 'any( and a'ong these proble's are 'any opportunities to explore .ardra' s dile''a.

Lutwin and Lreenberg identify three challenges to groupware designers in supporting awareness( deciding $what infor'ation to gather and distribute( how to present the infor'ation to the group( and when the infor'ation will be the 'ost useful$ (=>>=( p. A1C). Additionally( they detail three proble's in 'aintaining this necessary awareness% 2irst( the input and output devices used in groupware syste's generate only a fraction of the perceptual infor'ation that is available in a face+to+face workspace. -econd( a user s interaction with a co'putational workspace generates 'uch less infor'ation than actions in a physical workspace. Third( groupware syste's often do not present even the li'ited awareness infor'ation that is available to the syste'. (=>>=( p. A10). #ococo and Yen identify a wholly organi:ational and hardware+based set of challenges%

The pri'ary li'itations of groupware include the organi:ational environ'ent of the user( the existing architecture of the user s hardware syste'( the budgetary constraints of the organi:ation( and the infrastructure in place in the locations that will be linked. (1EEI( p. EC) Providing an idea of syste's re)uire'ent issues facing a co'plex groupware i'ple'entation( /ills (1EEE) describes a set of groupware needs faced by the 3efense Advanced "esearch Pro9ects Agency (3A"PA) to account for collaboration across heterogeneous bandwidth and devices( collaboration using natural 'odes of interaction( ready access to infor'ation affecting collaboration( collaboration without continuous activity( and the ability to evaluate effectiveness before deploy'ent. These pri'ary re)uire'ents see' al'ost prohibitive to the design of a syste'.

These three distinct sets of challenges are only the beginning. *n designing for specific groupware environ'ents( developers 'ust also deal with the custo'i:ation paradox that appears in 'uch of the 5-5, literature% the 'ore a syste' is tailored to an individual( the less useful it is to the group( and vice versa (;yng( 1EE1N Lutwin M Lreenberg( 1EEI).

5auses of Lroupware -uccess
.ack to top 3espite the see'ingly insur'ountable challenges that oppose the designers of groupware syste's( researchers have identified several factors that contribute to the success of groupware applications. ;line (=>>1) identified six clusters of user satisfaction issues ($ase of use% &rainin"% &echnical 'upport% onsultation% Wor# (eeds )et% and '*stem apabilities) which can be viewed as a road'ap

for building a user+centric syste'.

Additionally( 3ix finds that several cultural factors can have a substantial i'pact on groupware success% a strong core of initial users( full integration of existing infor'ation( use of existing standards( and new standards that are si'ple and public (1EE@( p. 1C@).

;yng feels it is i'perative that users have a considerable hand in the design of the syste'( in which they $apply their co'petence in the application do'ain to the design process... 'oving fro' evaluating to creating$ (1EE1).

5lases and ,ehner prescribe that conflict be leveraged to 'axi'i:e the flow of different perspectives throughout the groupware develop'ent process% ,e hold that different perspectives (between software designers as well as between software designers and anticipated or actual actors at work) involved in design ... 'ay beco'e potential driving factors for the develop'ent of 5-5, syste's. (=>>=( p. A>) To su''ari:e( the strongest advice the authors offer to the designers of groupware is no surprise% focus on users and user needs. This advice is 'ore difficult to 'anage in the context of the challenges addressed in the previous section.

5auses of Lroupware 2ailure
.ack to top 7bviously( groupware syste's fail when they do not 'easure up to the previously discussed challenges. However( 'uch of the 5-5, literature deals with the specific reasons specific syste's have failed.

5ockburn and ?ones include a'ong their identified causes of groupware failure situations that re)uire too 'uch effort on the part of the user( including the effort inherent in collaboration itself( the effort of 'eeting new syste' re)uire'ents( the effort i'posed by reduced flexibility( and the effort i'posed by difficult integration (1EE0). *'plicating users reluctant to share infor'ation or have their work 'onitored by others( #ococo and Yen find that organi:ational culture plays a 'a9or role in the failure of groupware syste's (1EEI( p. EA). The link between these two perspectives on groupware failure see's to be an expectation on the part of the user that 5-5, should be entirely analogous to face+ to+face co''unication. However( 'any of the conveniences offered by groupware rely on transactions unnecessary in physical workspaces. Those unwilling to provide infor'ation on their work activities or to extend the'selves a little further to learn a new way of working will derail 5-5, efforts. 8ewning s conception that groupware should concentrate on $i'proving intragroup co''unication rather than accelerating the pace of an individual s work($ 'ay be the approach necessary to co'bat this attitude.

The 2uture of Lroupware
.ack to top Lroupware and 5-5, have been )uietly shadowing the entire field of co'puter technology for the last few decades. .ased on the rise of connectivity at the end of the =>th century and current trends in co'puting( it is likely the 5-5, will re'ain in the spotlight and serve to unite so'e of the 'ore disparate fields of co'puting in the future. *t is conceivable that the concept of groupware will eclipse that of the *nternet and -e'antic ,eb as users beco'e 'ore able to define and interact within their own co''unities. Lrudin states that intelligent agents are $often envisaged as furthering an individual s interests in group and organi:ational settings$ (1EE1). This begs the )uestion of which direction 5-5, will take in the future% will groupware increase our awareness of the groups to which we belong or will groupware operate in the background of our interpersonal relationships( only interrupting us when per'issions are needed or rules are violatedB

*n ter's of traditional groupware and the i''ediate future( #ococo and Yen predict that as 'ore and 'ore syste's are connected across the internet( that $users will be 'ore de'anding of the infor'ation available fro' this foru' to enable the' to be 'ore productive and efficient as an individual and in tea's$ (1EEI( p. 1>>). ,hittaker( ?ones( M Terveen envision syste's to exploit and 'anage contacts based on algorith's like one they have developed (=>>=( p. ==A). Lutwin and Lreenberg s research suggests that new and richer 'ethods of 'aintaining awareness should be developed to increase the effectiveness of people interacting in virtual workspaces (1EEIb( p. 01@).

O45ect #roker
&n O Qe't 3ro+er is a middleware entity that mat'hes u% 'lient a%%li'ations with tar2et o Qe'ts# & tar2et o Qe't is a software entity that %rovides some servi'e to a 'lient software a%%li'ation# 6t may e lo'ated on the same ma'hine as the 'lient7 or half a world away# 5he 'lient doesn<t need to +now# 6t sim%ly tells the O Qe't 3ro+er >also +nown as O Qe't .e(uest 3ro+er7 or O.3@ what o%eration it would li+e to have %erformed7 and what information >%arameters@ it wishes to %rovide for the o%eration# 5hen the O Qe't 3ro+er sear'hes its re%ository for an o Qe't that 'an %erform the re(uested servi'e# 5he o Qe't that will %erform the servi'e is 'alled the tar2et o Qe't# 5he O Qe't 3ro+er %asses the re(uest and the %arameters from the 'lient to the tar2et7 and if a%%ro%riate7 %asses the results a'+ from the tar2et to the 'lient# 5he 'om ination of availa le o%erations and asso'iated %arameters is 'alled an Ainterfa'e#A &s lon2 as the 'lient and the tar2et a2ree on the interfa'e7 Qust a out anythin2 else 'an 'han2e in the system and it will still wor+#

Ab5ect re&uest broker
From Wikipedia, the free encyclopedia

5his arti'le needs attention from an e6$ert on the s!45ect # Please add a reason or a talk %arameter to this tem%late to e1%lain the issue with the arti'le# 9i+iProQe't Com%utin2 or the Com%utin2 Portal may e a le to hel% re'ruit an e1%ert#(November 2008) 5his arti'le does not cite any references or so!rces# Please hel% im%rove this arti'le y addin2 'itations to relia le sour'es# Mnsour'ed material may e 'hallen2ed and removed# (June 2010)
!n distributed computing, an ob=e!t re/uest bro,er +O$B- is a piece of middleware software that allows programmers to make program calls from one computer to another via a network" A74s promote interoperability of distributed ob5ect systems because they enable users to build systems by piecing together ob5ects from different vendors, so that they communicate with each other via the A74" A74s handle the transformation of in-process data structures to and from the byte se&uence, which is transmitted over the network" This is called marshalling or seriali=ation" .ome A74s, such as 6A74+-compliant systems, use an !nterface Description *anguage (!D* to describe the data that is to be transmitted on remote calls" !n addition to marshalling data, A74s often e(pose many more features, such as distributed transactions, directory services or real-time scheduling" !n ob5ect-oriented languages, the A74 takes the form of an ob5ect with methods enabling connection to the ob5ects being served" +fter an ob5ect connects to the A74, the methods of that ob5ect become accessible for remote invocations" The A74 re&uires some means of obtaining the network address of the ob5ect that has now become remote" The typical A74 also has many other methods"

[edit]*mplementations             
6A74+ - the 6ommon Ab5ect 7e&uest 4roker +rchitecture" !ce - the !nternet 6ommunications Engine "8ET 7emoting - ob5ect remoting library within )icrosoft,s "8ET Framework Windows 6ommunication Foundation A74e(press - 7eal-time and Enterprise A74s by Ab5ective !nterface .ystems Arbi( - +n Enterprise-level 6A74+ A74 from !A8+ Technologies D6A) - the Distributed 6omponent Ab5ect )odel from )icrosoft 7)! - the 7emote )ethod !nvocation Protocol from .un )icrosystems 7P6 - 7emote Procedure 6all .+8F'G+ Haradhi - 'igh Performance A74s by .ankhya Technologies .impleA74 - a small, non-6A74+ A74 A74it - an open-source 6A74+ A74 used as middleware for @8A)E AmniA74 - a 6A74+-compliant A74 released under the @P*

  

opalA74 - a 6A74+ implementation completely written in Perl" The +6E A74 - a 6A74+ implementation from the Distributed Ab5ect 6omputing (DA6 @roup T!Dorb - an open-source 6A74+ A74 from Telefonica !ID

Distributed ob5ect
From Wikipedia, the free encyclopedia

!mage describes communication between distributed ob5ects residing in different machines"

The term distributed ob=e!ts usually refers to software modules that are designed to work together, but reside either in multiplecomputers connected via a network or in different processes inside the same computer" Ane ob5ect sends a message to another ob5ect in a remote machine or process to perform some task" The results are sent back to the calling ob5ect" The term may also generally refer to one of the e(tensions of the basic ob5ect concept used in the conte(t of distributed computing, such as replicated objects or live distributed objects"



Replicated objects are groups of software components (replicas that run a distributed multi-party protocol to achieve a high degree of consistency between their internal states, and that respond to re&uests in a coordinated manner" 7eferring to the group of replicas 5ointly as an object reflects the fact that interacting with any of them e(poses the same e(ternally visible state and behavior"



Live distributed objects (or simply live objects

#$%

generali=e the replicated object concept to groups of replicas that might

internally use any distributed protocol, perhaps resulting in only a weak consistency between their local states" *ive distributed ob5ects can also be defined as running instances of distributed multi-party protocols, viewed from the ob5ect-oriented perspective as entities that have distinct identity, and that can encapsulate distributed state and behavior" .ee also !nternet protocol suite"

[edit]Lo!al

vs (istributed Ob=e!ts

*ocal and distributed ob5ects differ in many respects"#?% 'ere are some of them: $" *ife cycle : 6reation, migration and deletion of distributed ob5ects is different from local ob5ects

?" 7eference : 7emote references to distributed ob5ects are more comple( than simple pointers to memory addresses >" 7e&uest *atency : + distributed ob5ect re&uest is orders of magnitude slower than local method invocation <" Ab5ect +ctivation : Distributed ob5ects may not always be available to serve an ob5ect re&uest at any point in time B" Parallelism : Distributed ob5ects may be e(ecuted in parallel" D" 6ommunication : There are different communication primitives available for distributed ob5ects re&uests J" Failure : Distributed ob5ects have far more points of failure than typical local ob5ects 3" .ecurity : Distribution makes them vulnerable to attack"

[edit];<amples
Distributed ob5ects are implemented in Ab5ective-6 using the 6ocoa +P! with the 8.6onnection class and supporting ob5ects" Distributed ob5ects are used in Kava 7)!" 6A74+ lets one build distributed mi(ed ob5ect systems" D6A) is a framework for distributed ob5ects on the )icrosoft platform" DDAb5ects is a framework for distributed ob5ects using 4orland Delphi" Kt#disambiguation needed% is a framework for distributed components using a messaging paradigm" Kava.paces is a .un specification for a distributed, shared memory (spaces based Pyro is a framework for distributed ob5ects using the Python programming language" Distributed 7uby (D7b is a framework for distributed ob5ects using the 7uby programming language"

6ommon Ab5ect 7e&uest 4roker +rchitecture
From Wikipedia, the free encyclopedia

5his arti'le needs additiona% citations for verification# Please hel% im%rove this arti'le y addin2 'itations to relia le sour'es# Mnsour'ed material may e 'hallen2ed and removed# (February 2009)
The Common Ob=e!t $e/uest Bro,er .r!hite!ture (6A74+ is a standard defined by the Ab5ect )anagement @roup (A)@ that enables software components written in multiple computer languages and running on multiple computers to work together (i"e", it supports multiple platforms "
Contents
[hide]

1 Overview

o o

1#1 O Qe'ts 3y .eferen'e 1#2 :ata 3y Falue

o o o o o o

1#3 O Qe'ts 3y Falue >O3F@ 1#4 CO.3& Com%onent *odel >CC*@ 1#5 Porta le inter'e%tors 1#! Beneral 6nterO.3 Proto'ol >B6OP@ 1#) F*C6: >Fendor *inor Codeset 6:@ 1#, Cor a "o'ation >Cor a"o'@ 2 ?eatures 3 Pro lems and 'riti'ism 4 $ee also 5 .eferen'es ! ?urther readin2 ) 01ternal lin+s

[edit]Overview
6A74+ enables separate pieces of software written in different languages and running on different computers to work with each other like a single application or set of services" )ore specifically, 6A74+ is a mechanism in software for normali=ing the methodcall semantics between application ob5ects residing either in the same address space (application or remote address space (same host, or remote host on a network " Hersion $"9 was released in Actober $22$" 6A74+ uses an interface definition language (!D* to specify the interfaces which ob5ects present to the outer world" 6A74+ then specifies a mapping from !D* to a specific implementation language like 6II or Kava" .tandard mappings e(ist for +da, 6, 6I I, *isp, 7uby, .malltalk, Kava, 6A4A*, P*1! and Python" There are also non-standard mappings for Perl, Hisual 4asic, Erlang, and Tcl implemented by ob5ect re&uest brokers (A74s written for those languages" +t the A)@ )arch ?9$? meeting the A)@ recommended the new !D* to 6II$$ language mapping for adoption" 6urrently a formal revised submission has been posted online, before the end of +pril ?9$? the A)@ will publish a beta $ version of this new language mapping" #$% The 6A74+ specification dictates there shall be an A74 through which an application would interact with other ob5ects" !n practice, the application simply initiali=es the A74, and accesses an internal Object Adapter, which maintains things like reference counting, ob5ect (and reference instantiation policies, and ob5ect lifetime policies" The Ab5ect +dapter is used to register instances of the generated code classes" @enerated code classes are the result of compiling the user !D* code, which translates the highlevel interface definition into an A.- and language-specific class base for use by the user application" This step is necessary in order to enforce 6A74+ semantics and provide a clean user process for interfacing with the 6A74+ infrastructure" .ome !D* mappings are more difficult to use than others" For e(ample, due to the nature of Kava, the !D*-Kava mapping is rather straightforward and makes usage of 6A74+ very simple in a Kava application" This is also true of the !D* to Python mapping" The 6II mapping is notoriously difficultC the mapping re&uires the programmer to learn comple( and confusing datatypes that predate the 6II .tandard Template *ibrary (.T* " 6urrently work is being done to create a new 6II$$ language binding that will use .tandard Template *ibrary (.T* heavily" .ince the 6 language is not ob5ect-oriented, the !D* to 6 mapping re&uires a 6 programmer to manually emulate ob5ect-oriented features"

+ language mapping re&uires the developer to create !D* code that represents the interfaces to his ob5ects" Typically, a 6A74+ implementation comes with a tool called an !D* compiler which converts the user,s !D* code into some language-specific generated code" + traditional compiler then compiles the generated code to create the linkable-ob5ect files for the application" This diagram illustrates how the generated code is used within the 6A74+ infrastructure:

!llustration of the autogeneration of the infrastructure code from an interface defined using the 6A74+ !D*

This figure illustrates the high-level paradigm for remote interprocess communications using 6A74+" !ssues not addressed here, yet accounted for in the 6A74+ specification, include data typing, e(ceptions, network protocols, communication timeouts, etc" For e(ample: 8ormally the server side has the Portable Ab5ect +dapter (PA+ that redirects calls either to the local servants or (to balance the load to the other servers" +lso, both server and client parts often have interceptors that are described below" !ssues 6A74+ (and thus this figure does not address, but that all distributed systems must address, include ob5ect lifetimes, redundancy1fail-over, naming semantics (beyond a simple name , memory management, dynamic load balancing, separation of model between display1data1control semantics, etc" !n addition to providing users with a language and a platform-neutral remote procedure call (7P6 specification, 6A74+ defines commonly needed services such as transactions and security, events, time, and other domain-specific interface models" O1> trademar,s 6A74+, !!AP and A)@ are the registered marks of the Ab5ect )anagement @roup and should be used with care" 'owever, @!AP (@eneral !nter-A74 Protocol is not a registered A)@ trademark" 'ence in some cases it may be more appropriate 5ust to say that the application uses or implements the @!AP-based architecture"

[edit]Ob=e!ts

By $eferen!e

This reference is either ac&uired through a stringified /niform 7esource !dentifier (/7! string, 8ame.ervice lookup (similar to Domain 8ame .ystem (D8. , or passed-in as a method parameter during a call" Ab5ect references are lightweight ob5ects matching the interface of the real ob5ect (remote or local " )ethod calls on the reference result in subse&uent calls to the A74 and blocking on the thread while waiting for a reply, success or failure" The parameters, return data (if any , and e(ception data are marshaled internally by the A74 according to the local language and A. mapping

[edit](ata

By Value

The 6A74+ !nterface Definition *anguage provides the language- and A.-neutral inter-ob5ect communication definition" 6A74+ Ab5ects are passed by reference, while data (integers, doubles, structs, enums, etc" are passed by value" The combination of Ab5ects-by-reference and data-by-value provides the means to enforce strong data typing while compiling clients and servers, yet preserve the fle(ibility inherent in the 6A74+ problem-space"

[edit]Ob=e!ts

By Value +OBV-

+part from remote ob5ects, the 6A74+ and 7)!-!!AP define the concept of the A4H and Haluetypes" The code inside the methods of Haluetype ob5ects is e(ecuted locally by default" !f the A4H has been received from the remote side, the needed code must be either a priori known for both sides or dynamically downloaded from the sender" To make this possible, the record, defining A4H, contains the 6ode 4ase that is a space-separated list of /7*s from where this code should be downloaded" The A4H can also have the remote methods" The A4Hs may have fields that are transferred when the A4Hs are transferred" These fields can be A4Hs themselves, forming lists, trees or arbitrary graphs" The A4Hs have a class hierarchy, including multiple inheritance and abstract classes"

[edit]CO$B.

Component 1odel +CC1-

6A74+ 6omponent )odel (66) is an addition to the family of 6A74+ definitions" !t was introduced with 6A74+ > and it describes a standard application framework for 6A74+ components" Though not dependent on 0language dependent Enterprise Kava 4eans (EK4 0, it is a more general form of EK4, providing four component types instead of the two that EK4 defines" !t provides an abstraction of entities that can provide and accept services through well-defined named interfaces called ports" The 66) has a component container, where software components can be deployed" The container offers a set of services that the components can use" These services include (but are not limited to notification, authentication, persistence and transaction processing" These are the most-used services any distributed system re&uires, and, by moving the implementation of these services from the software components to the component container, the comple(ity of the components is dramatically reduced" !t is useful for reusability"

[edit]"ortable

inter!eptors

Portable interceptors are the 0hooks0, used by 6A74+ and 7)!-!!AP to mediate the most important functions of the 6A74+ system" The 6A74+ standard defines the following types of interceptors:

1# 2#
>"

!A7 interceptors mediate the creation of the new references to the remote ob5ects, presented by the current server" 6lient interceptors usually mediate the remote method calls on the client (caller side" !f the ob5ect .ervant e(ists on the same server where the method is invoked, they also mediate the local calls" .erver interceptors mediate the handling of the remote method calls on the server (handler side"

The interceptors can attach the specific information to the messages being sent and !A7s being created" This information can be later read by the corresponding interceptor on the remote side" !nterceptors can also throw forwarding e(ceptions, redirecting re&uest to another target"

[edit]>eneral

*nterO$B "roto!ol +>*O"-

ain article: !eneral "nter#OR$ %rotocol The @!AP is an abstract protocol by which Ab5ect re&uest brokers (A74s communicate" .tandards associated with the protocol are maintained by the Ab5ect )anagement @roup(A)@ " The @!AP architecture provides several concrete protocols, including:

1# 2# 3#
<"

!nternet !nterA74 Protocol (!!AP L The !nternet !nter-Arb Protocol is an implementation of the @!AP for use over the !nternet, and provides a mapping between @!AP messages and the T6P1!P layer" ..* !nterA74 Protocol (..*!AP L ..*!AP is !!AP over ..*, providing encryption and authentication" 'yperTe(t !nterA74 Protocol ('T!AP L 'T!AP is !!AP over 'TTP, providing transparent pro(y bypassing" Mipped !AP (M!AP L + =ipped version of @!AP that reduces the bandwidth usage

[edit]V1C*(

+Vendor 1inor Codeset *(-

Each standard 6A74+ e(ception includes a minor code to designate the subcategory of the e(ception" )inor e(ception codes are of type unsigned long and consist of a ?9-bit NHendor )inor 6odeset !DO (H)6!D , which occupies the high order ?9 bits, and the minor code proper which occupies the low order $? bits" )inor codes for the standard e(ceptions are prefaced by the H)6!D assigned to A)@, defined as the unsigned long constant 6A74+::A)@H)6!D, which has the H)6!D allocated to A)@ occupying the high order ?9 bits" The minor e(ception codes associated with the standard e(ceptions that are found in Table >-$> on page >-B3 are or-ed with A)@H)6!D to get the minor code value that is returned in the e(Ebody structure (see .ection >"$J"$, N.tandard E(ception Definitions,O on page >-B? and .ection >"$J"?, N.tandard )inor E(ception 6odes,O on page >-B3 " Within a vendor assigned space, the assignment of values to minor codes is left to the vendor" Hendors may re&uest allocation of H)6!Ds by sending email to tagre&uestPomg"org" + list of currently assigned H)6!Ds can be found on the A)@ website at: http:11www"omg"org1cgi-bin1docQvendor-tags The H)6!D 9 and 9(fffff are reserved for e(perimental use" The H)6!D A)@H)6!D (.ection >"$J"$, N.tandard E(ception Definitions,O on page >-B? and $ through 9(f are reserved for A)@ use" The 6ommon Ab5ect 7e&uest 4roker: +rchitecture and .pecification (6A74+ ?">

[edit]Corba

Lo!ation +CorbaLo!-

6orba *ocation (6orba*oc refers to a stringified ob5ect reference for a 6A74+ ob5ect that looks similar to a /7*" +ll 6A74+ products must support two A)@-defined /7*s: 0 cor aloc:0 and 0cor a#ame:0" The purpose of these is to provide a human readable and editable way to specify a location where an !A7 can be obtained" +n e(ample of corbaloc is shown below:

cor aloc::1I4.4/.114.41:3AIJ3/2ta#dardF2/Fame2erver%P.*/"root
+ 6A74+ product may optionally support the 0http:0, 0ftp:0 and 0file:0 formats" The semantics of these is that they provide details of how to download a stringified !A7 (or, recursively, download another /7* that will eventually provide a stringified !A7 " .ome A74s do deliver additional formats which are proprietary for that A74"

[edit]0eatures
6A74+ supports several features which it#&ho'% claims that no other single technology brings in one package" #citation
needed%

These benefits include language- and A.-independence, freedom from technology-linked implementations, strong

data-typing, high level of tunability, and freedom from the details of distributed data transfers" Language *ndependen!e 6A74+ at the outset was designed to free engineers from the hang-ups and limitations of considering their designs based on a particular software language" 6urrently there are many languages supported by various 6A74+ providers, the most popular being Kava and 6II" There are also 6-only, .mallTalk, Perl, +da, 7uby, and Python implementations, 5ust to mention a few" OS *ndependen!e 6A74+,s design is meant to be A.-independent" 6A74+ is available in Kava (A.-independent , as well as natively for *inu(1/ni(, Windows, .un, )ac and others" 0reedom from &e!hnologies Ane of the main implicit benefits is that 6A74+ provides a neutral playing field for engineers to be able to normali=e the interfaces between various new and legacy systems" When integrating 6, 6II, Ab5ect Pascal, Kava, Fortran, Python, and any other language or A. into a single cohesive system design model, 6A74+ provides the means to level the field and allow disparate teams to develop systems and unit tests that can later be 5oined together into a whole system" This does not rule out the need for basic system engineering decisions, such as threading, timing, ob5ect lifetime, etc" These issues are part of any system regardless of technology" 6A74+ allows system elements to be normali=ed into a single cohesive system model" For e(ample, the design of a multitier architecture is made simple using Kava .ervlets in the web server and various 6A74+ servers containing the business logic and wrapping the database accesses" This allows the implementations of the business logic to change, while the interface changes would need to be handled as in any other technology" For e(ample, a database wrapped by a server can have its database schema change for the sake of improved disk usage or performance (or even whole-scale database vendor change , without affecting the e(ternal interfaces" +t the same time, 6II legacy code can talk to 61Fortran legacy code and Kava database code, and can provide data to a web interface" Strong (ata &yping 6A74+ provides fle(ible data typing, for e(ample an 0+8G0 datatype" 6A74+ also enforces tightly coupled datatyping, reducing human errors" !n a situation where 8ame-Halue pairs are passed around, it is conceivable that a server provides a number where a string was e(pected" 6A74+ !nterface Definition *anguage provides the mechanism to ensure that user-code conforms to method-names, return-, parameter-types, and e(ceptions" High &une ability There are many implementations available (e"g" AmniA74 (Apen source 6II and Python implementation that have many options for tuning the threading and connection management features" 8ot all implementations provide the same features" This is up to the implementor" 0reedom 0rom (ata &ransfer (etails

When handling low-level connection and threading, 6A74+ provides a high level of detail in error conditions" This is defined in the 6A74+-defined standard e(ception set and the implementation-specific e(tended e(ception set" Through the e(ceptions, the application can determine if a call failed for reasons such as 0.mall problem, so try again0, 0The server is dead0 or 0The reference doesn,t make sense"0 The general rule is: 8ot receiving an e(ception means that the method call completed successfully" This is a very powerful design feature" Compression 6A74+ marshals its data in a binary form and supports compression" !A8+, 7emedy !T and TelefRnica have worked on an e(tension to the 6A74+ standard that delivers compression" This e(tension is called M!AP and this is now a formal A)@ standard"

[edit]"roblems

and !riti!ism

While 6A74+ promised to deliver much in the way code was written and software constructed, it has been the sub5ect of much criticism"#?% .ome of the failures were due to the implementations and the process by which 6A74+ was created as a standard, others reflect problems in the politics and business of implementing a software standard" These problems led to a significant decline in 6A74+ use and adoption in new pro5ects and areas" *mplementation in!ompatibilities The initial specifications of 6A74+ defined only the !D*, not the on-the-wire format" This meant that source-code compatibility was the best that was available for several years" With 6A74+ ? and later this issue has been resolved" Lo!ation transparen!y 6A74+,s notion of location transparency has been critici=edC that is, that ob5ects residing in the same address space and accessible with a simple function call are treated the same as ob5ects residing elsewhere (different processes on the same machine, or different machines " This notion is flawed if one re&uires all local accesses to be as complicated as the most comple( remote scenario" 'owever, 6A74+ does not place a restriction on the comple(ity of the calls" )any implementations provide for recursive thread1connection semantics" !"e" Ab5 + calls Ab5 4, which in turn calls Ab5 + back, before returning" (esign and pro!ess defi!ien!ies The creation of the 6A74+ standard is also often cited for its process of design by committee" There was no process to arbitrate between conflicting proposals or to decide on the hierarchy of problems to tackle" Thus the standard was created by taking a union of the features in all proposals with no regard to their coherence" #>% This made the specification very comple(, e(pensive to implement entirely and often ambiguous" + design committee composed largely of vendors of the standard implementation, created a disincentive to make a comprehensive standard" This was because standards and interoperability increased competition and eased customers, movement between alternative implementations" This led to much political fighting within the committee, and fre&uent releases of revisions of the 6A74+ standard that were impossible to use without proprietary e(tensions" #?% "roblems with implementations

Through its history, 6A74+ has been plagued by shortcomings in its implementations" Aften there have been few implementations matching all of the critical elements of the specification, #>% and e(isting implementations were incomplete or inade&uate" +s there were no re&uirements to provide a reference implementation, members were free to propose features which were never tested for usefulness or implementability" !mplementations were further hindered by the general tendency of the standard to be verbose, and the common practice of compromising by adopting the sum of all submitted proposals, which often created +P!s that were incoherent and difficult to use, even if the individual proposals were perfectly reasonable"#citation needed% Working implementations of 6A74+ have been very difficult to ac&uire in the past, but are now much easier to find" The ./8 Kava .DF comes with 6A74+ already" .ome poorly designed implementations have been found to be comple(, slow, incompatible and incomplete" 6ommercial versions can be very e(pensive" This changed significantly as commercial-, hobbyist-, and government-funded high &uality free implementations became available" 0irewalls 6A74+ (more precisely, !!AP uses raw T6P1!P connections in order to transmit data" 'owever, if the client is behind a very restrictive firewall or transparent pro(y server environment that only allows 'TTP connections to the outside through port 39, communication may be impossible, unless the pro(y server in &uestion allows the 'TTP 6A88E6T method or .A6F. connections as well" +t one time, it was difficult even to force implementations to use a single standard port L they tended to pick multiple random ports instead" +s of today, current A74s do have these deficiencies" Due to such difficulties, some users have made increasing use of web services instead of 6A74+" These communicate using ;)*1.A+P via port 39, which is normally left open or filtered through a 'TTP pro(y inside the organi=ation, for web browsing via 'TTP" 7ecent 6A74+ implementations, though, support ..* and can be easily configured to work on a single port" )ost of the popular open source A74., such as T+A and KacA74 also support bidirectional @!AP, which gives 6A74+ the advantage of being able to use callback communication rather than the polling approach characteristic of web service implementations" +lso, more 6A74+-friendly firewalls are now commercially available"

I’m Totally New To CORBA.
This page will get you started" We haven,t assumed that you know anything about 6A74+" We did, however, assume that you know something about computing in general, and distributed (that is, networked computing in particular - at least what you want to use it for, although not necessarily what you have to do to get it to work" .ome of the points in our discussion are aimed at management, while others are aimed at technical folks, but it,s too soon to diverge" Don,t worry about point of viewC by clicking on the topics that look interesting, you,ll pick the path that,s best for you"

UML, another OMG standard, may be even more widely used than CORBA.

What Is CORBA? What Does It Do?
CO$B. is the acronym for Common Ob5ect $e&uest Broker .rchitecture, A)@,s open, vendor-independent architecture and infrastructure that computer applications use to work together over networks" /sing the standard protocol !!AP, a 6A74+-based program from any vendor, on almost any computer, operating system, programming language, and network, can interoperate with a 6A74+-based program from the same or another vendor, on almost any other computer, operating system, programming language, and network" .ome people think that 6A74+ is the only specification that A)@ produces, or that the term 06A74+0 covers all of the A)@ specifications" 8either is trueC for an overview of all the A)@ specifications and how they work together, click here" To continue with 6A74+, read on"

Some large om!anies are embedding CORBA in networ"ed devi es #or #inan e and medi al a!!li ations.

What Is CORBA Good For?
6A74+ is useful in many situations" 4ecause of the easy way that 6A74+ integrates machines from so many vendors, with si=es ranging from mainframes through minis and desktops to hand-helds and embedded systems, it is the middleware of choice for large (and even not-so-large enterprises" Ane of its most important, as well most fre&uent, uses is in servers that must handle large number of clients, at high hit rates, with high reliability" 6A74+ works behind the scenes in the computer rooms of many of the world,s largest websitesC ones that you probably use every day" .peciali=ations for scalability and fault-tolerance support these systems" 4ut it,s not used 5ust for large applicationsC speciali=ed versions of 6A74+ run real-time systems, and small embedded systems"

$he #our "eys to ob%e t orientation are & & & & 'n a!sulation (olymor!hism )nheritan e )nstantiation

How Abo t A H!"h#$e%el Te&h'!&al O%er%!ew?
6A74+ applications are composed of objects, individual units of running software that combine functionality and data, and that fre&uently (but not always represent something in the real world" Typically, there are many instances of an ob5ect of a single type - for e(ample, an ecommerce website would have many shopping cart ob5ect instances, all identical in functionality but differing in that each is assigned to a different customer, and contains data representing the merchandise that its particular customer has selected" For other types, there may be only one instance" When a legacy application, such as an accounting system, is wrapped in code with 6A74+ interfaces and opened up to clients on the network, there is usually only one instance" For each ob5ect type, such as the shopping cart that we 5ust mentioned, you define an interface in A)@ !D*" The interface is the synta( part of the contract that the server ob5ect offers to the clients that invoke it" +ny client that wants to invoke an operation on the ob5ectmust use this !D* interface to specify the operation it wants to perform, and to marshal the arguments that it sends" When the invocation reaches the target ob5ect, the same interface definition is used there to unmarshal the arguments so that the ob5ect can perform the re&uested operation with them" The interface definition is then used to marshal the results for their trip back, and to unmarshal them when they reach their destination" The !D* interface definition is independent of programming language, but maps to all of the popular programming languages via A)@ standards: A)@ has standardi=ed mappings from !D* to 6, 6II, Kava, 6A4A*, .malltalk, +da, *isp, Python, and !D*script" For more on A)@ !D*, click here" This separation of interface from implementation, enabled by A)@ !D*, is the essence of 6A74+ - how it enables interoperability, with all of the transparencies we,ve claimed"

)n CORBA, lient and ob%e t may be written in di##erent !rogramming languages*

Theinterface to each ob5ect is defined very strictly" !n contrast, the implementation of an ob5ect - its running code, and its data - is hidden from the rest of the system (that is, encapsulated behind a boundary that the client may not cross" 6lients access ob5ects only through their advertised interface, invoking only those operations that that the ob5ect e(poses through its !D* interface, with only those parameters (input and output that are included in the invocation" Figure $ shows how everything fits together, at least within a single process: Gou compile your !D* into client stubs and ob5ect skeletons, and write your ob5ect (shown on the right and a client for it (on the left " .tubs and skeletons serve as pro(ies for clients and servers, respectively" 4ecause !D* defines interfaces so strictly, the stub on the client side has no trouble meshing perfectly with the skeleton on the server side, even if the two are compiled into different programming languages, or even running on different A74s from different vendors" !n 6A74+, every ob5ect instance has its own uni&ue object reference, an identifying electronic token" 6lients use the ob5ect references to direct their invocations, identifying to the A74 the e(act instance they want to invoke (Ensuring, for e(ample, that the books you select go into your own shopping cart, and not into your neighbor,s" The client acts as if it,s invoking an operation on the ob5ect instance, but it,s actually invoking on the !D* stub which acts as a pro(y" Passing through the stub on the client side, the invocation continues through the A74 (Ab5ect 7e&uest 4roker , and the skeleton on the implementation side, to get to the ob5ect where it is e(ecuted"

$he CORBAservi es !rovide standard ways o# !assing ob%e t re#eren es around your networ" o# CORBA ob%e ts. Lo ation $rans!aren y "ee!s your a!!li ations #le+ible.

How Do Remote I'%o&at!o's Wor(?
Figure ? diagrams a remote invocation" !n order to invoke the remote ob5ect instance, the client first obtains its ob5ect reference" (There are many ways to do this, but we won,t detail any of them here" Easy ways include the 8aming .ervice and the Trader .ervice" To make the remote invocation, the client uses the same code that it used in the local invocation we 5ust described, substituting the ob5ect reference for the remote instance" When the A74 e(amines the ob5ect reference and discovers that the target ob5ect is remote, it routes the invocation out over the network to the remote ob5ect,s A74" (+gain we point out: for load balanced servers, this is an oversimplification"

'ow does this workQ A)@ has standardi=ed this process at two key levels: First, the client knows the type of ob5ect it,s invoking (that it,s a shopping cart ob5ect, for instance , and the client stub and ob5ect skeleton are generated from the same "(L" This means that the client knows e(actly which operations it may invoke, what the input parameters are, and where they have to go in the invocationC when the invocation reaches the target, everything is there and in the right place" We,ve already seen how A)@ !D* accomplishes this" .econd, the client,s A74 and ob5ect,s A74 must agree on a common protocol - that is, a representation to specify the target ob5ect, operation, all parameters (input and output of every type that they may use, and how all of this is represented over the wire" A)@ has defined this also - it,s the standard protocol !!AP" (A74s may use other protocols besides !!AP, and many do for various reasons" 4ut virtually all speak the standard protocol !!AP for reasons of interoperability, and because it,s re&uired by A)@ for compliance" +lthough the A74 can tell from the ob5ect reference that the target ob5ect is remote, the client can not" (The user may know that this also, because of other knowledge - for instance, that all accounting ob5ects run on the mainframe at the main office in Tulsa" There is nothing in the ob5ect reference token that the client holds and uses at invocation time that identifies the location of the target ob5ect" This ensures location transparency - the 6A74+ principle that simplifies the design of distributed ob5ect computing applications"

OMG,s best su!!ort #or server-side s alability omes #rom the CORBA Com!onent Model.

That ORB)*(eleto' Ar&h!te&t re O' The *er%er *!de Does'+t $oo( ,ery *&alable. What D!d -o $ea%e O t?
+lmost everything" Figure $ doesn,t show any of 6A74+,s mechanisms for load balancing, resource control, or fault tolerance on the server side" We deliberately kept the figure simple to demonstrate how 6A74+ interoperability works" For technical details on the A74, click here" This technical page includes more detail about how the A74 works, and the interfaces it bears, including resource control and load balancing" This F+S continues with a description of the 6A74+ specifications"

$he over .// attendees at ea h OMG meeting ma"e it a ha!!ening as well as an o asion to advan e the OMG s!e i#i ation suite.

What Is CORBA .? CORBA /? What Does The ,ers!o' N mber 0ea'1 A'yhow?
+s we,ve already pointed out, 6A74+ is a suite of specifications issued by the A)@" We,ve put details of the specification process in their own part of this tutorial" To 5ump to details about how A)@ members work together to define new specifications, click here" Formally, 6A74+ ? and 6A74+ > refer to complete releases of the entire 6A74+ specification" 'owever, because A)@ increments the ma5or release number only when they make a significant addition to the architecture, these phrases become a sort of shorthand for 5ust the significant addition" .o, 06A74+ ?0 sometimes refers to 6A74+ interoperability and the !!AP protocol, and 06A74+ >0 sometimes refers to the 6A74+ 6omponent )odel (even though the term 6A74+ > really refers to a suite of ten specificationsT " !t,s easy to tell, from the conte(t, which meaning an author intends" To learn about how to download specifications, click here" To skip the download tutorial and go straight to the download page, click here"

Sponsor Documents

Or use your account on DocShare.tips

Hide

Forgot your password?

Or register your new account on DocShare.tips

Hide

Lost your password? Please enter your email address. You will receive a link to create a new password.

Back to log-in

Close