What is an XML Gateway?

An XML Gateway is an externally-facing DMZ tier of a web services platform.  Generally, this DMZ tier will be facing the Internet, but it may simply be between business units or facing a leased line connecting one entity to another.  It can be implemented using a software solution (such as web services support in a JEE container like WAS or JBoss) or a hardware solution (using SOA Appliances).

The XML Gateway fills some or all of following functions(depending on the environment and architecture):

  • Efficient XML parsing & transformations.
  • Advertising a consistent web service API to external clients.
  • Serves as an entry point for Web Service traffic into an organization’s systems.
  • Serves as the termination point for inbound connections for web service calls.
    • Especially SSL connections.
  • Serves as an outbound proxy for all internal web service consumers.
  • Transforming between internally-facing and externally-facing security models.
    • Identity Tokens
    • Encryption/Digital Signature requirements.
    • Etc.
  • Authentication and authorization point for both incoming and outgoing Web Service calls.
  • Termination point of message-level security (WS-Security, XML Encryption, XML Digital Signature).
  • Schema validation of XML-based message payloads. 
    • Could also be validation of other types of payloads.
  • Routes messages appropriately to backend systems-ie, Service Provider tiers.
  • Data transformations, potentially.
  • Protocol transformations, potentially.
  • Service mediation, potentially.
  • Support for multiple Message Exchange Patterns (MEPs)
    • Synchronous Request Respond
    • Asynchronous Request and Respond
    • Fire-and-Forget (Asynchronous one-way)
  • Ability to convert between MEPs.

Examples of vendors in this space include IBM DataPower, Layer 7 Secure Span Gateway, and Vordel.