comment=spam: Managing Dependencies in SOAs
Service Oriented Architecture has been a prominent theme in IT for a number of years. With Notes/Domino 8+ adding Composite Apps, Eclipse Contributions, Web Service consumers, and tools to integrate data from disparate sources into Domino applications ("on the glass" and otherwise), the promise of bringing the benefits of SOA to Domino applications is being realized.
Not surprisingly, SOA brings not only new opportunities, but also new challenges. One area of particular interest to me today is the complexity SOA can bring to managing applications through new dependencies on external services. IT organizations supporting applications taking advantage of SOA will need to put processes in place to handle changes to services.
We recently had an incident on this blog due to such a change: last week we discovered that comments on this blog were not being recorded.
We use an open-source, Domino-based blog who's contributors have put much effort into making it a first-class product; I won't speak to the strengths or weaknesses of the product because my focus here is on this problem of "coupling" that exists in integrating third-party services, which represents a much larger issue for SOA.
(read more)
Not surprisingly, SOA brings not only new opportunities, but also new challenges. One area of particular interest to me today is the complexity SOA can bring to managing applications through new dependencies on external services. IT organizations supporting applications taking advantage of SOA will need to put processes in place to handle changes to services.
We recently had an incident on this blog due to such a change: last week we discovered that comments on this blog were not being recorded.
We use an open-source, Domino-based blog who's contributors have put much effort into making it a first-class product; I won't speak to the strengths or weaknesses of the product because my focus here is on this problem of "coupling" that exists in integrating third-party services, which represents a much larger issue for SOA.
(read more)
Suffice it to say, we had enabled integration with a third-party blog aggregator, which had been working without issue for some time. We had also enabled a feature to block spam posts.
When we realized comments weren't being saved, and began debugging, finally watching HTTP traffic to figure out what was going on, it became apparent that when the integration with the aggregator was enabled, a value from the query-string of the form submission ended up missing, causing the comment to trip the spam filter and get deleted. Thus all comments posted were automatically deleted as spam.
I can't say what the exact source of the problem was, whether it indeed came from a change to the service by the aggregator, or lack of proper handling in the blog software -- because after determining that disabling either the aggregator integration or the spam filtering would fix the problem, understanding why just wasn't a priority. Which also worries me -- as we become more dependent on SOA are we less likely to be able to support good practices in Configuration/Change Management?
Even when the interface to a service is owned by the same organization wishing to consume it, these issues can still be relevant. A couple of years ago I was involved in planning a possible integration of a large system of Notes databases with related data in SalesForce.com via their Web Services API. One of the major concerns was how to govern changes to the system. The owners of the SalesForce application considered, as a key benefit of that system, that they had the control (and not the IT department) of what data was stored in SalesForce. There are methods for managing this kind of scenario (for example, dynamically building client proxies at run-time and pro-actively managing changes to the interface) but they add a huge amount of complexity to a system which would negate return on investment for many IT projects. Telling the owners of the SalesForce application that they would have to wait for IT to process requests to add fields to the application was likely a deal-breaker.
As Lotus Notes/Domino professionals, do you see integrating SOA offerings into your applications? Are you doing it already? How do you anticipate handling change in the context of third-party dependencies? What changes to your process do you envision to help support your governance efforts?
When we realized comments weren't being saved, and began debugging, finally watching HTTP traffic to figure out what was going on, it became apparent that when the integration with the aggregator was enabled, a value from the query-string of the form submission ended up missing, causing the comment to trip the spam filter and get deleted. Thus all comments posted were automatically deleted as spam.
I can't say what the exact source of the problem was, whether it indeed came from a change to the service by the aggregator, or lack of proper handling in the blog software -- because after determining that disabling either the aggregator integration or the spam filtering would fix the problem, understanding why just wasn't a priority. Which also worries me -- as we become more dependent on SOA are we less likely to be able to support good practices in Configuration/Change Management?
Even when the interface to a service is owned by the same organization wishing to consume it, these issues can still be relevant. A couple of years ago I was involved in planning a possible integration of a large system of Notes databases with related data in SalesForce.com via their Web Services API. One of the major concerns was how to govern changes to the system. The owners of the SalesForce application considered, as a key benefit of that system, that they had the control (and not the IT department) of what data was stored in SalesForce. There are methods for managing this kind of scenario (for example, dynamically building client proxies at run-time and pro-actively managing changes to the interface) but they add a huge amount of complexity to a system which would negate return on investment for many IT projects. Telling the owners of the SalesForce application that they would have to wait for IT to process requests to add fields to the application was likely a deal-breaker.
As Lotus Notes/Domino professionals, do you see integrating SOA offerings into your applications? Are you doing it already? How do you anticipate handling change in the context of third-party dependencies? What changes to your process do you envision to help support your governance efforts?
Category SOA Challenges
| Permalink |
|
|
|
|
|
