Communication interfaces

There are three different communication interfaces involved when dealing with service registration and invocation via a Service Broker:

•	Service registration interface (server to Service Broker).

•	Service invocation interface (Service Broker to server).

•	Service invocation interface (client to Service Broker).

Each interface can be set up as either secure (via HTTPS) or insecure (via HTTP).

Service registration – server to Service Broker

A StreamServer can publish services as secure or insecure. When a StreamServer publishes a service as secure, it also informs the Service Broker that this service must be invoked as secure. This means that it is not possible to publish a service as secure and then let the Service Broker invoke the service as insecure, or vice versa.

The same security status for all services

A StreamServer must publish all its services as either secure or insecure.

Multiple registrations of the same service

If several StreamServers publish the same service in a Service Broker, they must all publish it with the same security status. For example, if CS1 and CS2 host the same service, both must publish the service with the same security status. If CS1 published the service as secure, and CS2 tries to publish the same service as insecure, the service registration for CS2 will fail.

Service invocation – client to Service Broker

The client can be a StreamServer, or any type of client that can use the Service Broker invocation protocol.

The Service Broker has one HTTP listener for insecure communication, and one HTTPS listener for secure communication. Both listeners can be run at the same time, enabling both secure and insecure communication. The configuration parameters for the listeners – port, time-outs, etc. – are specified at different locations. The parameters for the HTTP listener are the Service Broker properties specified in the Control Center (see Service Broker settings in the Control Center). The parameters for the HTTPS listener are specified in a security configuration file. The path to this file is specified in the Control Center GUI.

Service invocation – Service Broker to server

When a client sends a request to the Service Broker, the Service Broker tries to find a matching service. If a matching service is found, the Service Broker checks the security status of the service. If the security status is secure, the Service Broker invokes the service via HTTPS, and if the security status is insecure, the Service Broker invokes the service via HTTP.