The most popular and comprehensive Open Source ECM platform
Once a set of SOA services are established and proving value internally to an organization, often the question comes up as to how to
share some of those services with organizations that are partners, suppliers or customers to you.
Often the service that needs to be externalized is one of many that needs to be isolated and properly secured to allow access from external organizations. David Linthicom identified three considerations before opening the service up to the world:
Security/Authorization. The most frequent scenario is for an organization to open up a service with the intent that access should be limited
to only authorized individuals and organizations. Services need to be secured by authentication mechanisms. Tracking mechanisms should be in place to determine who is accessing the service and why. Further, sensitive data should be encrypted.
Standards Mediation. The problem needs to be solved that service consumers and providers need to be on the same page as to what Web Service standards will be used for exchanging data. SOAP and REST are two of the most frequently used standards. Making the service as open as possible to a variety of service interfaces allows for the most flexibility.
Versioning. Services change. Once you publish a service externally, you need to keep all consumers of the service on the same page about any changes that might be made in the service. Versioning changes can alert the consumer that something has changed and may provide a way to continue to consume a service using the older interface.