Allow user to set HTTP Request operations, headers, such as "Authorization", "Content-Length" for PUT, "Content-Type"", "x-amz-security-token", etc
Allow user to have access to HTTP Response headers, status code, body
Ability to handle Redirects and 100-Continue
Need to calculate message signature using crypto and base64 algorithm
Need to set Http "Date" header using this format "EEE, dd MMM yyyy HH:mm:ss "
Need to dynamically do "Get/Put/Delete/Head" operations on dynamic URLs, currently BPEL only allow dynamic URL, but not dynamic Http Verb.
Creating a Sample Project using BPEL as orchestration
AmazonWS REST security mechanism is a little different than Google's REST security mechanism. Google requires user to do a POST operation first using username/password, and returns a security token to be used for subsequent Http requests. AmazonWS security is different. Amazon pre-issue user a pair of accessKeyId/secretyAccessKey, and for every request, user needs to put in the Http header the "Authorization" header. This header is calculated using this formula:
Authorization = "AWS" + " " + AWSAccessKeyId + ":" + Signature;
Signature = Base64( HMAC-SHA1( UTF-8-Encoding-Of( StringToSign ) ) );
StringToSign = HTTP-Verb + "\n" +
Content-MD5 + "\n" +
Content-Type + "\n" +
Date + "\n" +
CanonicalizedResource = [ "/" + Bucket ] +
<HTTP-Request-URI, from the protocol name up to the query string> +
[ sub-resource, if present. For example "?acl", "?location", "?logging", or "?torrent"];
CanonicalizedAmzHeaders = <described below>
Another requirement is that "Date" header should always be set, and should be in a compliant format such as "EEE, dd MMM yyyy HH:mm:ss ".
The above two items are easy to do in Java, but not easy to do in BPEL, thus in the sample project we are creating, we use a EJB webservice as a helper library for BPEL to accomplish these two tasks.
See Figures below:
Basically, the flow sequence is as follows"
BPEL process is triggered by a HTTP client via HTTPBC
BPEL calls EJB-WS to ask for the current Date, and saves it in a variable
BPEL calls EJB-WS to calculate the message signature of this request, and saves it in a variable
BPEL use HTTPBC to do a GET operation on a URL, populating all the required Http headers
BPEL returns the GET response body to the HTTP client
See picture below on how to populate the HTTP headers in BPEL mapper:
To see how the sample project is built, download it from amazonprojects.zip. Note: to run it you have to replace the "secretAccessKey" in the BPEL file with your own secretAccessKey.
POST: as described above, POST operation is not really used in AmazonWS, PUT is the equivalent of POST here.
PUT: it is not currently supported by HTTPBC. It is supported by JAXWS, however, there seems to be a few problems with content-types, see issue tracked at bottom of the page.