Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
BPM and SOA Are Going Mobile: An Architectural Perspective
1. Guido
Schmutz
Trivadis
Torsten
Winterberg
OPITZ
CONSULTING
Deutschland
GmbH
BPM
and
SOA
Are
Going
Mobile
Oracle
Open
World,
September
2013
An
Architectural
Perspec;ve
[CON2253]
32. Warning:
Avoid
the
Many-‐cheap-‐Apps-‐Architecture-‐Maintenance-‐Hell
33. Mobile
Integra;on
Technologies
SOAP
• Has
a
reputa;on
for
being
complex
and
heavyweight
• Has
a
formal
contract
language
to
define
message
formats
• Supports
standardized
security
approaches
and
tools
• Supports
XML
and
Binary
REST
• Has
a
reputa;on
for
being
simple
and
lightweight
• No
formal
contract
language
to
define
message
formats
• Security
is
a
major
challenge
due
to
lack
of
standardiza;on
• Supports
mul;ple
data
types
(JSON,
Text,
XML,
Binary)
35. REST
API
Schema
Ak;on
Typ
URI
Schema
customerByUsername
GET
/api/customers?username=fred
rentalsByCustomerId
GET
/api/rentals?customerId=7
carTypes
GET
/api/cartypes
ci;es
GET
/api/ci;es
availableCars
GET
/api/availableCars?cityId=1
&startDate=2011-‐10-‐28-‐…
&endDate=2011-‐10-‐30-‐…
&maxPrice=90
rentCar
POST
/rental/
Body:
{carId=...,startDate=...,endDate=...}
Date
format:
"yyyy-‐MM-‐ddTHH:mm:ss.SSSZ"
36. Mobile
Integra;on
Technologies
XML
• “Na;ve”
format
for
enterprise
data
exchange
• Highly
formal
structure
• Content
CAN
be
validated
• Formats
can
change
only
when
all
par;es
agree
• Supports
mul;ple
data
types
(Text,
Binary)
JSON
• “Na;ve”
format
for
web
pages
• No
formal
structure
• Content
cannot
be
validated
• Easy
to
change
• Text
only
37. 37
REST:
URI
addressing
and
data
representa;on
Mobile
Integra;on
Panerns
38. JSON
as
exchange
format
for
data
Request:
$
curl
-‐-‐user
fred:pass
http://localhost:8484/...
.../rylc-‐html5/backend/api/customers?username=fred
Response:
{
"city":"Steintal",
"email":"fred@die-‐feuersteins.de",
"enabled":true,
"id":1,
"name":"Fred
Feuerstein",
...
}
39. old
new
The
Web
is
evolving…
Documents
Declara;ve
HTML
Templates
Request/Response
Thin
Client
Applica;ons
Programma;c
DOM
APIs
Synchroniza;on
Thick
Client
47. Data
Driven
Applica;ons
as
new
breed
“It’s
about
using
data
to
make
our
customer
touch
points
more
engaging,
more
interac;ve,
more
data-‐driven.”
48. Central
vs.
Applica;on
Databases
48
• Applica;on
Database
• Only
accessed
by
a
single
applica;on
• Only
the
applica;on
using
the
database
needs
to
know
about
the
structure
• Easier
to
maintain
and
evolve
the
schema
• More
freedom
to
choose
the
database
• Applicable
to
SOA
(i.e.
Data
Service/En;ty
Service)
with
good
Service
Autonomy
• Ready
for
the
cloud
• Central
Database
• Using
SQL
as
the
integra;on
mechanism
between
applica;ons
• applica;ons
store
data
in
common
DB
• Improves
communica;on,
all
applica;ons
operate
on
consistent
set
of
data
• Structure
ends
up
to
be
more
complex
• Changes
need
to
be
coordinated
with
all
other
applica;ons
using
the
database
• Side-‐effects
(i.e.
adding
database
index)
DB
Application 1 Application 2 Application 3
DB
Application 1 Application 2 Application 3
DB DB
49. Rela;onal
vs.
Aggregate
Data
Models
49
• Aggregate
is
a
term
that
comes
from
Domain-‐Driven
Design
(Evans)
• An
aggregate
is
a
collec;on
of
related
objects,
that
should
be
treated
as
a
unit
– Unit
for
data
manipula;on
and
management
of
consistency
• The
rela;onal
model
takes
the
informa;on
and
divides
it
into
tuples
(rows)
• A
tuple
is
a
limited
data
structure
– no
nes;ng
of
tuples
– no
list
of
values
50. NoSQL
Databases
Big
Data
frameworks
are
ogen
associated
with
the
term
NoSQL
• Not
only
SQL
• The
power
of
SQL
is
not
needed
for
all
problems
• Specialized
solu;ons
may
be
faster
or
more
scalable
• Bring
the
ability
to
handle
semi-‐structured
and
unstructured
data
• NoSQL
complements
RDBMS
• Different
types
of
NoSQL
today:
• Key-‐value,
Column-‐Family,
Document,
Graph
Big
Data
frameworks
and
NoSQL
are
related
but
not
necessarily
the
same
• Some
big
data
problems
may
be
solved
rela;onally
51. Polyglot
Persistence
Defines
a
hybrid
approach
to
persistence
• Using
mul;ple
data
storage
technologies
• Selected
based
on
the
way
the
data
is
used
by
an
applica;on
Decisions
• Have
to
decide
what
data
storage
technology
to
use
(Rela;onal
or
NoSQL)
• Today
it‘s
easier
to
go
with
rela;onal
New
Data
Access
APIs
• Each
data
store
has
its
own
mechanisms
for
accessing
the
data
Solu;on
• Wrap
data
access
code
into
services
(Data/
En;ty
Service)
exposed
to
applica;ons
51
Service-Oriented Polygot Persistence Model
User Session
Service
Shopping Cart
Service Order Service
Product Catalog
Service
Recomendation
Service
E-commerce Application
Shopping cart data User Sessions Product Catalog RecomendationsCompleted Order
Key-Value
RDMBS Document Graph
52. Unified
(Mobile)
Architecture
52
Enterprise
Applica;ons
SOAP
JMS
REST
RDMBS
Internet
of
Things
Mobile
Apps
Local
ESB
External
Cloud
Service
Providers
Enterprise
Service
Bus
(ESB)
EJB
Cloud
to
Device
Messaging
(C2DM)
Service
Gateway
CEP
HTTP/JSON
Applica;on
Server
Complex
Event
Processing
(CEP)
/
Fast
Data
NoSQL
/
Big
Data
BPM
und
SOA
Pla}orm
REST
SOAP
DB
LDAP
/
Enterprise
IDM
(Big)
Data
Analy;cs
Business
Logic
NoSQL
Web
Apps
DB
Analy;cal
Applica;ons
Data
Warehouse
Data
Integra;on
RDMBS
53. Unified
(Mobile)
Architecture
53
Enterprise
Applica;ons
SOAP
JMS
REST
RDMBS
Internet
of
Things
Mobile
Apps
Local
ESB
External
Cloud
Service
Providers
Enterprise
Service
Bus
(ESB)
EJB
Cloud
to
Device
Messaging
(C2DM)
Service
Gateway
CEP
HTTP/JSON
Applica;on
Server
Complex
Event
Processing
(CEP)
/
Fast
Data
NoSQL
/
Big
Data
BPM
und
SOA
Pla}orm
REST
SOAP
DB
LDAP
/
Enterprise
IDM
(Big)
Data
Analy;cs
Business
Logic
NoSQL
Web
Apps
DB
Analy;cal
Applica;ons
Data
Warehouse
Data
Integra;on
RDMBS
Oracle
Service
Bus
(OSB)
Oracle
WebLogic
Server
Oracle
SOA
Suite
Oracle
BPM
Suite
Oracle
ADF
Oracle
Event
Processing
(OEP)
Oracle
NoSQL
Database
Oracle
BigData
Appliance
(BDA)
Oracle
ADF
Mobile
Oracle
Data
Integrator
(ODI)
Oracle
ADF
Oracle
WebLogic
Server
Java
Embedded
Oracle
Database
Mobile
Server
Web
Sockets
OEP
Embedded
Oracle
Business
Intelligence
Founda+on
Suite
Oracle
Business
Ac+vity
Monitoring
(BAM)
Oracle
GoldenGate
Oracle
NoSQL
DB
Oracle
RDBMS
Oracle
Database
Mobile
Server
Oracle
IDM
Oracle
API
Gateway
(OAG)
55. § Mobile
Apps
today
§ Think
in
new
architecture
panern
§ Na;ve
Apps,
mobile
Web-‐Apps,
Hybride
Apps
§ HTML5,
Single-‐Page-‐Apps,
Many-‐Cheap-‐Apps-‐Hell,…
§ Mobile
Apps
tomorrow
§ Not
only
B2C
and
B2B,
but
M2M
§ Explosion
of
§ Number
of
Devices
§ Data
/
Events
§ Need
for
Integra;on
§ Combina;on
of
Cloud,
Big
Data,
Fast
Data
/
Event
Processing,
Mobile,
IoT
is
the
future
57. Oracle
ADF
Mobile
• Enables
Customers
to
mobile-‐enable
enterprise
applica;ons
– One
common
pla}orm
for
desktop
and
mobile
applica;ons
(Android
&
iOS)
– Handle
mul;ple
channels
and
network:
browser,
na;ve,
and
hybrid
applica;ons
• Technology
founda;on
for
future
Oracle
applica;ons
mobile
development
58. Oracle
ADF
• End-‐to-‐end
development
framework
for
Java
EE
• Based
on
industry
standards
• Full
model-‐view-‐controller
implementa;on
• Rich
web,
mobile
and
desktop
UI
• Focus
on
reusability
• Visual
and
declara;ve
development
• Integrated
security
and
customiza;on
59. Oracle
Database
Mobile
Server
• Secure,
efficient,
resilient
mobile
data
synchroniza;on
with
Oracle
Database
• Remote
applica;on,
user
and
device
management
• Standards-‐based
encryp;on
for
remote
data,
in
both
storage
and
transit
• Robust
and
reliable
mobile
data
synchroniza;on
over
unreliable
networks
• Highly
scalable
server
configura;on,
suppor;ng
large
and
growing
mobile
or
remote
deployments
• Integra;on
with
ADF
Mobile
60. Oracle
API
Gateway
(OAG)
• Serves
REST
APIs
and
SOAP
Web
Services
to
clients
– Converts
REST
to
SOAP
– Converts
XML
to
JSON
• Supports
other
protocols
also
– FTP,
SFTP,
FTPS
– TIBCO
Rendezvous
and
EMS
– JMS
(to
IBM
WebSphere
MQ,
Ac;veMQ,
JBOSS
Messaging,
etc)
• Applies
security
rules
– Authen;ca;on:
OAuth,
HTTP
Auth,
Cer;ficate
Auth,
WS-‐Security
– Content
Filtering:
Detec;on
of
SQL
Injec;on,
XSS,
Viruses
• Monitoring
of
API
and
Service
usage
• Caching
and
Traffic
Management
(rou;ng,
thronling)
61. Oracle
Service
Bus
(OSB)
–
Message
&
Service
Integra;on
• Embedded
access
to
service
result
caching
• Intelligent
content
and
iden;ty
based
rou;ng
• Rich
set
of
transports/adapters
• Data-‐oriented
services
and
REST
support
• Dynamic
message
transforma;on
and
streaming
• Built-‐in
monitoring,
management
and
QoS
• Configura;on-‐driven
message
and
service
integra;on
• Op;mized,
pluggable,
policy-‐driven
transport
and
message
security
62. Oracle
Data
Integrator
(ODI)
–
Data
Integra;on
• Out-‐of-‐the-‐box
integra;on
with
databases,
ERPs,
CRMs,
B2B
systems,
flat
files,
XML
data,
LDAP,
JDBC,
ODC
• Knowledge
module
framework
for
extensibility
• In-‐database
transforma;ons
and
data
integrity
controls
on
all
databases
• Rich
ETL
for
Oracle
databases
• Integrates
with
Oracle
GoldenGate
for
real-‐;me
data
warehousing
• Metadata-‐driven
data
lineage
and
impact
analysis
• Integrates
with
Oracle
Enterprise
Data
Quality
for
advanced
profiling,
cleansing,
matching
and
data
governance
needs
63. Oracle
Goldengate
–
Data
Replica;on
• High
performance
data
replica;on
• Heterogeneous
sources
and
targets
• Conflict
detec;on
and
resolu;on
• Real-‐;me
and
deferred
apply
• Event
marker
infrastructure
• Flexible
topology
support
• Data
encryp;on
• ETL
and
JMS
integra;on
• Rou;ng
and
• compensa;on
• Ini;al
load
capability
64. Oracle
SOA
Suite
–
Service
Integra;on
• Unifies
Oracle
and
3rd
party
Cloud
applica;ons
with
on-‐
premises
• Enables
rapid
delivery
of
exis;ng
applica;ons
into
mobile
channel
• Improves
partner
collabora;on
with
bener
B2B
and
API
Management
• Fast
Data
support
with
embeddable
real-‐;me
event
pla}orm
• Op;mized
integra;on
to
Oracle
Applica;ons
running
on
Oracle
Exalogic
65. Oracle
BPM
Suite
–
Business
Process
Management
• Business
driven
design,
execu;on
and
improvement
• Common
process
model
facilitates
Business-‐IT
collabora;on
• Complete
support
for
any
type
of
process,
including
Adap;ve
Case
Management
• Modernize
and
unify
exis;ng
applica;ons
• Time-‐to-‐value
&
packaged
best
prac;ces
with
Process
Accelerators
66. Oracle
Event
Processing
(OEP)
• Lightweight
Java
Applica;on
server
• Deployable
stand-‐alone,
integrated
in
SOA
stack
or
lightweight
on
Embedded
Java
• Con;nuous
Query
Language
(CQL)
based
on
SQL
syntax
• Easy
to
use
Development
Environment
• Enterprise
class
High
Availability,
Scalability,
Performance
and
Reliability
• Various
Integra;on
Opportuni;es
using
AQ,
JMS
and
HTTP
Publish/Subscribe
Connec;vity…
• Coherence
Integra;on
67. Oracle
Business
Ac;vity
Monitoring
(BAM)
• Monitor
business
processes
&
services
in
real-‐;me
– Key
Performance
Indicators
(KPIs)
– Service-‐Level
Agreements
(SLAs)
• Analyze
events
as
they
occur
– Correlate
events
&
KPIs
– Iden;fy
trends
as
they
emerge
– Alert
users
to
bonlenecks
&
solu;ons
• Act
on
current
condi;ons
– Event-‐driven
alerts
– Real-‐;me
dashboards
– BPEL
processes
&
web
services
integra;on
68. Oracle
Big
Data
Appliance
• Massively
scalable
infrastructure
to
store
and
manage
big
data
•
Big
Data
Connectors
delivers
load
rates
up
to
12TB
per
hour
between
Data
Applicance
and
Oracle
RDMBS
• Based
on
Cloudera’s
distribu;on
• Integrated
into
Oracle
Enterprise
Manager
• Advanced
analy;cs
with
Oracle
R
on
Hadoop
data
• Handle
low-‐latency
unstructured
workload
with
the
pre-‐installed
Oracle
NoSQL
database
• Infiniband
connec;vity
between
node
and
across
racks
• Flexible
configura;on
choices
allowing
flexible
growth
for
Haddop
and
Oracle
NoSQL
databases
69. Oracle
NoSQL
Database
• Simple
Data
Model
• Key-‐value
pair
with
major+sub-‐key
paradigm
• Read/insert/update/delete
opera;ons
• Scalability
• Dynamic
data
par;;oning
and
distribu;on
• Op;mized
data
access
via
intelligent
driver
• High
availability
• One
or
more
replicas
• Disaster
recovery
through
loca;on
of
replicas
• Resilient
to
par;;on
master
failures
• No
single
point
of
failure
• Transparent
load
balancing
• Reads
from
master
or
replicas
• Driver
is
network
topology
&
latency
aware
• Elas;c
• Online
addi;on/removal
of
Storage
Nodes
• Automa;c
data
redistribu;on
70. Oracle
WebLogic
Server
§ Java
EE
6
applica;on
server
§ Java
SE
6
and
7
cer;fica;on
§ High
Performance
Pla}orm
for
Mission
Cri;cal
Cloud
Applica;ons
§ Deep
Integra;on
with
Oracle
Database
12c
-‐
Mul;tenant
and
RAC
§ Real-‐;me
data
processing
through
GoldenGate
HotCache
&
Live
Events
§ Built-‐in
support
for
HTML5
and
WebSockets
for
rich
mobile
and
cloud
applica;ons
Oracle
Database
12c
71. Oracle
Iden;ty
Management
• Simplified
Iden;ty
Governance
– Access
Request
Portal
with
Catalog
and
Shopping
cart
UI
– In
product,
durable
customiza;on
of
UIs,
forms
and
work
flows
– Privileged
Account
Management
–
leverage
Iden;ty
connectors,
workflows,
audit
• Complete
Access
Management
– Integrated
SSO,
Federa;on,
API
Management,
Token
Management,
Granular
Authoriza;on
– Mobile
applica;on
security
with
SSO,
device
finger
prin;ng
and
step
up
authen;ca;on
– Social
iden;ty
log-‐in
from
popular
social
media
sites
– REST,
OAuth,
XACML
• Directories
that
Scale
– OUD
op;mized
on
T4
hardware
delivering
3x
performance
gain
and
15%
of
set
up
;me