Whose Web service is it anyway?
If SOA is going to move from "academic" to practical application, developers will need better mechanisms for managing identity issues from single-sign-on to service-level agreements, said Ian Goldsmith, VP, product marketing at Digital Evolution.
Before SOA can work in large-scale business transactions, the technology will need software for managing not only security and identity but nuts-and-bolts IT issues such as versioning, service reuse guarantees and application provisioning, Goldsmith told XDT. Like any new technology, much of the early development with Web services was done with little thought given to how the application would run long-term in a changing environment.
"Developers tend to hand-code Web services into their application," Goldsmith said. "When the Web service changes, the application breaks."
From Digital Evolution's perspective, this is why the management of things like SLAs is going to be crucial to the success of SOA. The Santa Monica, Calif.-based provider of Web services security and management software is announcing its new Digital Evolution Service Manager this week to provide identity management specifically for SOAs. The product integrates with Netegrity's identity and access management products as well as tools from Tivoli.
Integration of Digital Evolution Service Manager with Netegrity Siteminder and TransactionMinder has already been implemented by one Fortune 500 company to provide single-sign-on between a Web portal and back-end mainframe Web services, Goldsmith said.
That integration project won praise from Amit Jasuja, Netegrity VP of product management and identity management in SOA application development, and it is being championed by the Burton Group.
"Identity is the key to managing SOAs," wrote James Kobielus, senior analyst at Burton Group. "In an SOA, every user, service, and application has an identity, and every identity has security, performance, and other policies associated with it. Organizations that deploy SOAs must ensure thorough, standards-based integration of their identity management (IdM) and Web service management (WSM) environments."
Rich Seeley is Web Editor for Campus Technology.