Cross-Domain Authentication Model in SOA based on Enterprise Service Bus
- Zheng Xiaorong
- 2010 2nd International Conference on Computer…
One reason that enterprises are adopting service-oriented architectures (SOA) is to develop applications more quickly by packaging - and then reusing - applications and data assets as services. Service encapsulation of implementation details is an important feature, and contributes to the loosely-coupled nature of a SOA. From this perspective, SOA data-services seem incompatible with AJAX frameworks which presume a great degree of client-side control of an application's data. For their part, AJAX frameworks promise to increase web-application performance by reducing the number of interactions between the browser and server. Caching server data on the web-client is a well known technique for achieving this goal, but implies that enterprise data is exposed to client-side developers. This paper presents ZAZEN, a SOA that mediates between the need to encapsulate enterprise data as a service and the needs of AJAX developers who want more control of their application's data. We describe ZAZEN's server-side architecture and discuss two APIs to the data-service: a REST API, and an implementation of the DOJO data APIs for relational databases.