In a previous post, Distributed SOA, I have got a couple of comments about how technologies, such as SAML etc., fit in. I would like to say that the title was Distributed Not Federated SOA, but Distributed and Federated mean two different things - although in many deployments, both are used.
Distributed SOA is where a deployment is performed over a geographical area. A good example is in Retail. In the case of Retail, there maybe 1000+ stores that are 100s of miles away from the head office. All of these stores will typically be in the same organizational unit. Requirements of a distributed SOA include (but are not limited to) the ability to manage, deploy and upgrade any location with no organizational overhead, i.e. there should be no extra IT resources required at the deployment site. Within the SOA infrastructure the following may also required:
- The ability to go through firewalls using standard and accepted practices.
- The ability to provide high availability without the need for expensive IT infrastructure such as shared disks.
- The ability to define processes that will essentially travel the network and perform the processing on the network where it makes sense.
- The ability to deploy services on machines, either owned by the same or another organizational unit's data center again, without any extra manpower requirements. Note: This is common in state and local government use-cases.
A Federated deployment is very different because the idea is that different organizations will work together and as such some technologies, such as identity management, are key concerns. A federated deployment does not necessarily need to be distributed. For instance, there are manufacturers that have different divisions that operate in the same building. A federated environment allows the different organizational units to work together through a defined contract that allows the ability to invoke and share public services. However, each organizational unit still will want to keep many things private. Agreed upon security, SLAs, and other contractual definitions are required to make this infrastructure work.
Then there are Federated and Distributed deployments, such as large global manufacturers that have manufacturing plants in many countries and many lines of products managed by different organizational units.
SOA What? Before jumping in the technology toy box and trying to make sure that you have all possible TLAs in the solution, make sure you listen to what is being asked and bring the appropriate technology and no more; only then will you really be in tune with what your customer wants.