Loosely Coupled: The Missing Pieces of Web Services [Englisch] [Taschenbuch]

Almost all other books out there are of the how-to cookbook variety. They walk through the protocols, demonstrating how to build Web Services. They're valuable, to be sure, but "Loosely Coupled" is a unique book that explains the *problems* that the Web Services are in tended to solve, and how they solve them. It's a "how-to-think" book. If you want cookbook-style code examples, indeed look elsewhere. This book won't meet your needs. But if you want to get the big picture including deployment options and project-management strategies, this really is the best book I've found so far. The author is coming at this top-down (i.e., from a management perspective), not bottom-up (from the coder's view), but it's great for readers of a wide range of technical proficiency.

OTOH, as "A Reader" says, if you want the best how-to book on Web Services security, Mark O'Neill's book is the best book I've found that deals exclusively with that topic.

I like the way Mr. Kaye divides the book into intended audiences, and the clarity he brings to a topic that is still confuses because of hype, misconception and competing vendor definitions that not surprisingly are slanted towards products.

Understanding how this book is structured and for whom each part is intended will give insight into the content and why this book is an invaluable aid to looking at web services in a clear perspective:

- all readers will benefit from reading the first ten chapters, which cover perspectives (history, definitions, critical pieces that make up web services), and concepts (history of integration, relationships between web services and objects and service oriented architectures, and other factors). Some of this material is either basic or will not be of interest and can be safely skipped. It does cover the landscape of foundation material in a thorough, highly readable manner.

- developers and managers will benefit from technologies (chapters 11-15), which cover the following factors as they specifically relate to web services: transactions, security, and deployment options. This material is an aggregation of both the author's wide and extensive industry experience, and the knowledge and experience of his clients and industry contacts. I consider these chapters to be tried and true advice from the trenches.

- managers and executives are the target audience of strategies, which are covered in five on-the-mark chapters that address project approaches, timing, and [importantly] service level agreements. External services are also covered in this part of the book. The final part of the book is an appendix that is a strategic checklist that is so thorough and comprehensive that it can be used to both scope the complexity of a web services project and as a basis for a work breakdown structure for the project itself.

From the points of view of perspective, concept, and real world advice this is one of the best resources I've discovered on web services. Added value comes from the discussions board and supporting material on the author's website (ASIN B0000A2MOK).

When discussing security, trust, and authorizaton, the author takes his time to beat SSL to death, but does not even mention the standards directly addressing end-to-end security and authorization, such as XML-Security, WS-Security, XKMS, SAML etc. Liberty Aliance and Microsoft Passport are mentioned once in a single sentence as technologies that "support single sign-on". Granted, those technologies are still in flux, but, contrary to the editorial review, they do NOT change on the month-to-month basis, but are there to stay. They are backed up by the industry and have several commercial and open-source implementations. Without the knowledge of at least those buzzwords, one would fail miserably an interview on an architect, developer, manager, or an executive position related to web services.

Some abbreviations, like WSN (web services network) appear to be the author's invention not corresponding to anything real out there. Just try to search on the internet, and the closes match would probably be "Western Society of Naturalists" or "Wedding Services Network".

Some of the author's opinions seem to come from nowhere, not being backed up by any references. For instance, his view of XML firewall that may, among other things, do billing (p. 208) is a bit strange. It's always been a part of the business logic ... or should firewalls distinguish prefered customers, promotional rates, holiday specials, etc. ... :)? The same applies to XML firewalls doing XML conversion (commonly part of the business logic performed as part of a business workflow).

When discussing web services orchestration and transactions, the author does not mention ebXML, BPEL, BTP, WS-Transaction, WS-Coordination, etc. Again, I understand this is a book of concepts, but it should've at least mentioned the most important web services-related buzzwords to keep its readers in touch with reality.

To summarize, I just don't see how this book could benefit its targeted audience (developers, arhitects, managers, and IT executives) in making educated decisions about web services technology.

I'd recommend reading "Web Services Security" by Mark O'Neill et al just to compare the coverage of security. This book also does not contain a single line of code and explains web security concepts to architects and developers. However, Mark is totaly relevant and up-to-date, cleraly riding the web services wave.