12.13.2007

People work with WS-* web services in PHP? Why?

I'd love to give ws02 a fair shake because they have an open source business model. They have a web services framework for PHP which seems interesting from an academic standpoint. But I think WS-* web services are WAY too complicated when compared to REST.

Just look at this new product description from ws02:
The WSO2 IS enables LAMP and Java websites to provide strong authentication based on the new interoperable Microsoft CardSpace technology, which is built on the open standards Security Assertion Mark-up Language (SAML) and WS-Trust.

Your life is now 1 minute shorter after trying to read and fully understand that paragraph. Nevermind how much time would be spent trying to actually get this stuff to work.

I spent a lot of time in 2001-2002 working with Amazon's merchant program and the SOAP feeds required for putting client product on the Amazon site. I generally think that Amazon has a pretty good clue about how to do things technically and they seemed to make it as easy as possible while using SOAP. But it was still way too complicated for what we were trying to achieve (ie, send a list of available product to Amazon to sell ). And at the time, it was a nightmare in PHP. Now of course, we have the official PHP SOAP extension and some items in PEAR to work with too (does nusoap still exist?)

But I've run screaming from WS-anything since then, only getting caught in its claws a few times. It hasn't gotten any easier. It's gotten more difficult. And more pointless. I'm not alone in this thinking.

So I guess the ws02 folks are trying to solve the issue of authentication for web services. Hasn't web services authentication been solved already in a much easier way too?