While binary format is fine for trusted connections, most companies are unwilling to let binary data flow freely into and out of the company over port 80—the standard port used by HTTP. In contrast, it's relatively safe to let text information flow back and forth. And that's exactly how XML Web services behave.

But passing XML across the Web has inherent inefficiencies because it must be translated at both ends of the connection. In contrast, other types of distributed applications, such as financial systems, object remoting, and terminal emulation programs, were initially conceived when bandwidth was very limited and therefore were designed to transmit information as efficiently as possible. Further, these systems generally transmit non-textual data in binary formats, which are more efficient because they require less translation, and because the formats typically contain less meta-information. But while a binary format is fine for trusted connections, most companies are unwilling to let binary data flow freely into and out of the company over port 80—the standard port used by HTTP. In contrast, it's relatively safe to let text information flow back and forth. And that's exactly how XML Web services behave. They are first translated on the sender's side into a text representation, transmitted via HTTP, and then retranslated on the receiver's side back into the original form. Translating to and from text is safe, but inefficient.

To be truly useful, Web services need to handle not only pure data—numbers, text, and dates—but should also handle data bound up in objects. Serialization to XML solves this problem.

To be truly useful, Web services need to handle not only pure data—numbers, text, and dates—but should also handle data bound up in objects. Serialization to XML solves this problem. In combination with a schema, you can take any object and serialize (save) it to XML, pass it to a remote machine and then deserialize it, effectively recreating the object remotely. Obviously, the programs involved need to understand how to use the objects, but object serialization via XML solves the problem of a common object representation very nicely—exactly the problem that Distributed COM (DCOM) and CORBA were intended to solve. In some respects, Web services are a step backward: DCOM and CORBA have capabilities that Web services and XML still do not have. But it's just a matter of time until Web services catch up.

Despite lingering inefficiencies, XML's text format and its ability to represent serialized objects are the third step in the evolution of Web services. Using existing Web servers, companies can pass XML-formatted data and serialized objects through their firewalls using the ubiquitous HTTP over port 80—a port which is already both exposed (due to the Web) and protected (by firewalls, routers, proxies, and virus scanners) at most companies because of the nature of the Web.

The Need for Data Types and Schema

Invoking Remote Components

In this Article
Introduction	Step 3: Achieving Firewall Transparency
Step 2: The Need for Data Types and Schema	The Final Step: Invoking Remote Components Using SOAP