WebSocket Perspectives and Vision for the Future

Frank Greco - @frankgreco
Director of Technology, Kaazing
WebSocket Perspectives
and
Vision for the Future

© 2013 Kaazing Corporation
§  Brief Background on WebSocket
§  What Really is WebSocket and What it is Not
§  Layered Approach to Web Protocols
§  The Web beyond the Browser - XaaS
§  Use Cases and Demos
Outline

Me…
§  Director of Technology @ Kaazing
§  Chairman NYJavaSIG (javasig.com)
§  Largest Java UG in North America
7,500+ members
§  Chair NYHTML5
§  Email: frank.greco@kaazing.com
§  Twitter: @frankgreco
§  Yell: “Hey Frank!”

Welcome HTML5 (aka The New Web)
§  Users are Demanding more from Apps
§  UI/UX Requirements are more sophisticated
§  Browser Enhancements and Evolution
§  API Explosion
§  Web no longer just about Documents… even partial or
pseudo documents
The New Web is a Programmatic Foundation for Rich,
Reliable and Really Cool Apps

Welcome HTML5 (aka The New Web)
§  Users are Demanding more from Apps
§  UI/UX Requirements are more sophisticated
§  Browser Enhancements and Evolution
§  API Explosion
§  Web no longer just about Documents… even partial or
pseudo documents
The New Web is a Programmatic Foundation for Rich,
Reliable and Really Cool Apps
But…

§  Designed for document transfer – HTTP
-  Short-lived Request / Response interaction
§  Bidirectional, but half-duplex
-  Traffic flows in only one direction at a time
§  Stateless
-  Large amounts of metadata resent for each request
We Live in a Real-Time World… HTTP?
Yes, HTTP 2.0 will be better, but the
Web was not originally designed for
“real-time”, event-based services…

Some things age well…
TCP
HTTP

…and some things don’t
Oldies Hits - AJAX and the Comet Pollers - 2006

WebSocket
•  “Real-Time”, bi-directional connectivity
•  IETF Protocol - RFC 6455 – Dec 2011
•  W3C API
•  Easily add event-based capability to web apps
•  Avoids polling (and resource consumption)
•  Avoids HTTP meta-data overhead
•  Shares port with HTTP (80/443)
•  Peer protocol to HTTP (both use TCP)

§  IETF Formal Protocol (RFC 6455)
-  Event-driven JavaScript API
-  Full-duplex communication protocol
§  W3C API – Candidate Recommendation
-  http://www.w3.org/TR/websockets/
§  Integrates HTTP addressing
-  ws://yourcompany.com/collaboration_svc
-  wss://anothercompany.com/marketdata_svc
§  Traverses firewalls, proxies, routers securely
§  Text and Binary
§  Leverages Cross-Origin Resource Sharing (CORS)
WebSocket Standards

But Why WebSocket?
It’s the Most Important API in HTML5!
•  Facilitates other protocols
•  Puts the web in a better place…
“Connectedness” – Always On… not partially on.
Connect to People, Services, Work, Play, Buying/Selling,
Collaboration, Entertainment, Navigation, Music, Politics,
Philosophy, Devices, etc, etc, etc…

The WebSocket Handshake

WebSocket Frames
§  Frames have a few header bytes
§  Data may be text or binary
§  Frames from client to server are masked
(XORed w/ random value) to avoid black hats with old proxies
§  Use TLS in production – avoids a lot of issues…

Java API for WebSocket - JSR 356
§  Creation of WebSocket Java components to
handle bi-directional WebSocket conversations
§  Handling WebSocket events
§  Creation and consumption of WebSocket text and
binary messages
§  Allows for WebSocket protocols and content
models for an application
§  Configuration and management of WebSocket
sessions, like timeouts, retries, cookies,
connection pooling
§  Specification of how WebSocket application will
work within the Java EE security model!
§  Official Java SE WebSocket API in the works…

What WebSocket is Not
•  It is not a New AJAX
AJAX was a lovable hack
•  It is not a Push mechanism
WebSocket is full-duplex, bi-directional
•  It is not a Messaging system
It’s an agnostic wire protocol
It’s a low-level transport API
•  It is not a Replacement for HTTP
HTTP is still great for static,
cacheable info

Legacy HTTP vs WebSocket
For Real-Time, Event-based Web Communication…
Seems like a no-brainer for most apps…

HTML5 WebSocket API
Make sure WS is open
before usage… J

HTML5 WebSocket API
Dealing with WebSocket is like dealing with TCP.
It’s a streams-based model. You need to understand how
to handle streams-based data over the wire.
e.g., How do I do publish/subscribe?
But…

What is Missing?
Where is the Application-level Protocol?
•  Who handles retries?
•  How do we handle publish/subscribe semantics?
•  How do we handle market data, last value cached, ?
•  Is guaranteed delivery possible (trades)?
•  What if the client is not active?
•  How do we handle [fill in with favorite semantics]
•  What about partials?
•  Who’s responsible for entitlements? How do I
manage that?
•  etc…

WebSocket
TCP
JMS XMPP AMQP B2B FTP VNC mktdata etc
Browser and Native Applications
WebSocket
Gateway
Internet
WebSocket
Gateway
Whoa… Its just like TCP! Huzzah!
But wait… Protocol Layering is Possible!

Anything Else Missing?
Other Considerations for the Real-World…
•  Need to handle multiple WS versions
•  Need to handle multiple (and legacy) browser versions
•  Can’t have business logic in the DMZ
•  Have to work in multiple DMZs
•  AuthN/AuthZ has to work multiple times
•  High-availability topology
•  Concerns about open ports with back-end service
•  Services architecture needs to be consistent
•  Native, HTML5 and hybrid environments
•  Integrate easily with non-messaging services
•  XaaS integration – the Web beyond the browser
•  Bandwidth management
•  etc… All things you need for a real enterprise app

Publish/Subscribe over the Web – an Example
Java Message Service (JMS)
over
WebSocket
A 60-second Tutorial
In case you haven’t heard of JMS…
Messaging more resilient than RPC point-to-point, especially for composite services.
Many companies rely on ESBs

Java Message Service (JMS)
•  Java EE Message Oriented Middleware
•  JMS 1.0 2001, JMS 1.1 2002, JMS 2.0 (Feb 26, 2013)
•  Asynchronous Messaging vs. RPC
•  Loosely coupled vs. Tightly coupled
•  Pub/Sub, Topics, Queues
•  Transactions, Reliable

Basic Inside-the-Firewall JMS (Java to Java)
conn = createConnection();
sess = conn.createSession();
topic = jndiContext.lookup(topic);
pub = sess.createProducer(topic);
pub.send(“hey Frank”);
sub = sess.createConsumer(topic);
sub.setMessageListener(this);
…
public void onMessage(Message m) {
String s = m.getText();
… do stuff…
}
…
… do stuff…
}
…
… do stuff…
}
msg
broker

Now… JMS API for JavaScript - example
connFactory = new StompConnectionFactory(…url…);
connection = connFactory.createConnection(…)
session = connection.createSession(…);
var myTopic = session.createTopic("/topic/myTopic");
topicProducer = session.createProducer(myTopic);
topicConsumer = session.createConsumer(myTopic);
topicConsumer.setMessageListener(onMessage);
1
2
3
4
5
6
7

JMS API for JavaScript
8.  Send messages
9.  Process messages: the message listener
function: onMessage()
var onMessage = function(message) {
if (message.getStringProperty(MESSAGE_PROPERTIES.userId) != userId) {
$("#slider").val(message.getText());
$("#pic").width(message.getText());
}
};
var doSend = function(message) {
message.setStringProperty(MESSAGE_PROPERTIES.userId, userId);
topicProducer.send(null, message, DeliveryMode.NON_PERSISTENT, 3, 1, function()
sendFromQueue();
});
};

Higher Level APIs (over WebSocket) for JavaScript
So if you can layer application protocols and APIs over
WebSocket, what do you have?
•  Easier WebSocket programmability
•  Event-driven applications over the web
•  Event-driven APIs over the web
•  Not necessary to open non-standard ports
•  Web infrastructure now truly “disappears”
•  Reduction in complexity
•  Further opportunities to innovate
•  Mobile + cloud + HTML5/WebSocket
•  Internet/Web of Things
•  New world awaits!

WebSocket Projects, OSS, Vendors
•  Kaazing
•  Node.js/socket.io/SockJS/engine.io
•  ActiveMQ
•  Tomcat
•  Jetty
•  Oracle Glassfish
•  Java EE – JSR 356
•  Play Framework
•  Rabbit MQ
•  JBoss
•  IIS/ASP .NET 4.5
•  PHP, Objective-C, Ruby, Python, C/C++, JVM-langs…
•  Many more…

WebSocket Examples

Futures
What’s next for WebSocket?

New Computing Model
Clouds
A Mobile App is easier to port to Desktop
A Desktop App is a challenge to port to Mobile

Industry View of Cloud Stack
Hardware
Infrastructure as a Service
IaaS
Platform as a Service
PaaS
Software as a Service
SaaS

More Accurate View - Cloud Services Stack
Hardware
Compute/Network/Storage
Development, Delivery,
Management, Security,
Messaging, Integration, Testing,
…
Applications

Web APIs
§  APIs from everywhere
§  Over 9,000 public APIs and even more Mashups
-  programmableweb.com/apis/directory
-  Amazon, Facebook, LinkedIn, AT&T, Google, Microsoft,
NYTimes, Orange, SalesForce, Telefonica, Twitter, Visa,
Vodafone, Yandex
§  Enterprise and B2B APIs
§  Over time, more will be event-based – NoREST?
§  Services… Services… Services…

Open APIs
Most Popular
Google Maps, Twitter, YouTube, Flickr, Amazon eCommerce, Facebook, Twilio, …

Event-based XaaS
Monitoring as a Service
Integration as a Service
Enterprise Messaging
as a Service
WAN Optimization as a Service
Governance as a Service
Database as a Service
Analytics as a Service
EAI as a Service
CDN as a Service
Trade Clearance as a
Service
Windows Desktop
as a Service
Sentiment Analysis
as a Service
Auditing as a
Service
Telephony as a
Service
Data Center as a Service
Network as a Service
Risk Analytics
as a Service
Backup
as a Service
Security as a Service
Notification as a Service
Identity as a Service
Testing as a
Service

New Computing Model
CloudCloud
Pub/Sub
Cloud
Enterprise
Storage
Notifications
Transactions
Monitoring
Email Docs
Cloud VNC
DesktopCloud Cloud Sentiment
AnalysisRisk
Management
websocket
websocket
websocket
websocket
websocket
Wealth Management
Collaboration

Inter-Cloud Connectivity
Enterprise
service
Enterprise Service Bus
service service
External Cloud
Service Bus
service service service
iPaaS
Internet Service Bus
websocket
websocket
Sentiment Analysis
as a Service
Risk Management
as a Service
Compliance
as a Service
Telemetry Aggregation
as a Service

Other Interesting Directions….
•  HTTP 2.0 and WebSocket
•  WebSocket extensions: compression, mux, etc
•  TCP <-> WebSocket <-Net-> WebSocket <-> TCP
•  Embedded WebSocket (telecom, tv, car, etc)
•  WebRTC signaling, etc
•  MMO Gaming
•  Big Data event processing (risk management, et al)
•  Real-time Ad exchanges
•  More types of cloud services – Real time XaaS
•  Internet/Web of Things

Use Cases and Demos
Peter Moskovits
peter.moskovits@kaazing.com, @pmoskovi

Web Trading Systems
FX Trader Application – front office
demo.kaazing.com/forex
High msg rate, small payload requirements…

Mobile Mobile Computing
demo.kaazing.com/racer

Prezing – Web-Collaborative Presentation Tool

LabView UI replicated to Browser in Real-time
Data Acquisition – courtesy of Bergmans Mechatronics
LabView browser

Monster Truck as a Service
github.com/dpwspoon/kaazingPi
Controlling an RC car
remotely via Web Messaging!

Questions?
frank.greco@kaazing.com

WebSocket Perspectives and Vision for the Future

More Related Content

What's hot (20)

Similar to WebSocket Perspectives and Vision for the Future (20)

Recently uploaded (20)

WebSocket Perspectives and Vision for the Future