An XML Gateway is an externally-facing DMZ tier of a web services platform. Generally, this DMZ tier will be facing the Internet, but it may simply be between business units or facing a leased line connecting one entity to another. It can be implemented using a software solution (such as web services support in a JEE container like WAS or JBoss) or a hardware solution (using SOA Appliances).
The XML Gateway fills some or all of following functions(depending on the environment and architecture):
- Efficient XML parsing & transformations.
- Advertising a consistent web service API to external clients.
- Serves as an entry point for Web Service traffic into an organization’s systems.
- Serves as the termination point for inbound connections for web service calls.
- Especially SSL connections.
- Serves as an outbound proxy for all internal web service consumers.
- Transforming between internally-facing and externally-facing security models.
- Identity Tokens
- Encryption/Digital Signature requirements.
- Etc.
- Authentication and authorization point for both incoming and outgoing Web Service calls.
- Termination point of message-level security (WS-Security, XML Encryption, XML Digital Signature).
- Schema validation of XML-based message payloads.
- Could also be validation of other types of payloads.
- Routes messages appropriately to backend systems-ie, Service Provider tiers.
- Data transformations, potentially.
- Protocol transformations, potentially.
- Service mediation, potentially.
- Support for multiple Message Exchange Patterns (MEPs)
- Synchronous Request Respond
- Asynchronous Request and Respond
- Fire-and-Forget (Asynchronous one-way)
- Ability to convert between MEPs.
Examples of vendors in this space include IBM DataPower, Layer 7 Secure Span Gateway, and Vordel.