University of Toronto Home Page

Web Services

This section contains technical references for developers on how to extract data from ROSI using secure network communications.

What are EASI Web Services?

Web services are self-contained functions that can be published and invoked across the web using XML-based protocols. Usually web services are designed to support interoperable Machine to Machine interaction over a network. EASI Web Services are currently only developed by EASI on an as-needed basis. EASI Web Services are used to expose data from ROSI in a secure fashion. You can access EASI Web Services through a SOAP interface. SOAP forms the foundation layer of the Web services stack, providing a basic messaging framework for exchanging XML-based messages over networks (normally using HTTP/HTTPS).

How can I get started using EASI Web Services?

To begin using EASI Web Services the following prerequisites have to be met:
  • The functionality that you are wishing to use should already exist as a web service
  • Your calling program will need proper authorization credentials (username/password) to be able to access the web service.

Requests for new web services should be referred to your business process representative who, in turn, will forward it to your client representative

Using Web Services

Now that I have authorization credentials, how do I start making calls to EASI Web Services?

Once you have your authorization credentials, you will need to meet the following prerequisites for making web service calls:

  • Use of SOAP requires programming expertise
  • Experience with XML, WSDL is necessary
  • Experience with XSLT may be necessary
  • Ability to write and work in a programming language which supports making calls to web services (as a client)

How does EASI ensure the security of Web Services?

To ensure the security of the messaging traffic across networks, we require that you use SOAP 1.2 over HTTPS. In addition, we use WS-Security 1.1 to ensure that you are allowed to make calls only to services that you are authorized to make calls to. The OASIS WS-Security specification is the open standard for Web services security. Its goal is to let applications secure SOAP message exchanges by providing encryption, integrity, and authentication support. WS-Security offers a general-purpose mechanism for associating security tokens with message content. EASI uses the UsernameToken profile whereby a web service client must supply a UsernameToken as a way to identify the requestor by a username and password.

Are there any code samples to help me get started?

We offer several different examples of calling EASI Web Services. Note that these samples are provided as-is with no implied support.