To summarize web history from a software perspective, phase 1 was the emergence of HTML-based web pages providing point and click access to document servers; phase 2 was the addition of state management, which enabled interactive, data-driven applications that resembled the client/server systems of the time; while phase 3 was the emergence of web services, enabling a dynamic web where business logic could act and interact on the fly.
The original trio of standards that helped get web services off the ground included SOAP (Simple Object Access Protocol), which provided a messaging protocol for sending XML-based service requests over HTTP; WSDL (Web Services Definition Language), which specified how a service is described and exposed; and UDDI.
Of the trio, WSDL became the pivotal ingredient since it provided the actual mechanism for making services available. After that, it didn’t really matter how you requested it; there are many ways you could send a service request without using SOAP, and you didn’t necessarily need a registry if you knew what service you were looking for.
Nonetheless, as web services were initially conceived, UDDI was regarded as the engine that would make the whole thing dynamic as advertised. Under that scenario, a service request would dynamically interrogate a UDDI registry to locate a service that it could request without any human interaction. At least that was the thought.
Not surprisingly, history didn’t quite work out that way. The very notion of dynamic discovery was easily confused with discredited B2B exchanges that conjured up the idea of loss of control. The idea of spontaneously auctioning for goods with anonymous trading partners like ships passing through the night didn’t pass muster because it went against 20 years of supply chain practice where companies were actually consolidating, not expanding their circles of trading partnerships.
Similarly, the idea of dynamic discovery introduced issues like, how can we be sure that we are connecting with a trusted partner for the right service? In an era of Sarbanes-Oxley, nobody wants to invite in any process where there might be some randomness.
Further burying the idea of dynamic discovery is that the process could be very chatty, requiring lots of messages of receipt and acknowledgment. Additionally, with the content being written as resource-hungry XML (which consumes far more bytes than binary code), the process could prove extremely slow and cumbersome. Not exactly an attractive notion in an era where competitive pressures are pushing companies more towards real-time and straight through processing.
Given that early web services deployments were therefore bypassing registries because nobody wanted to deal with the burden of dynamic discovery, it seemed like UDDI was dead before it even arrived.
However, revisionists such as ZapThink’s Ron Schmelzer eventually voiced the notion that discovery was not necessarily what UDDI should be about. Instead, they viewed the registry as a way to manage policy.
Specifically, the registry would define levels of security and access for incoming services requests. So instead of a SOAP message request searching the cloud for a service, it would interrogate a registry to see if it could even get through the door.
To aid the vision, the web services standards community has devised WS-Policy, which specifies header structures and syntax for expressing policy, and WS-Policy Attachment, which specifies how policy is enforced at run time. So registries would now have a standard way of expressing what is permissible.
In a world where measures like Sarbanes-Oxley are forcing public companies to audit their tracks, while Gramm-Leach-Bliley, HIPPA, and other measures are driving entities to safeguard the privacy and sanctity of consumer records, it would have been inevitable that some consensus repository would have to emerge if the promise of web services was ever to be realized. Ironically, UDDI, which had more freewheeling origins, may have unintentionally stumbled into that role after being given up for the grave.