Reliable Web Service Messaging with Apache Sandesha2

Archived Content
This article is provided for historical perspective only, and may not reflect current conditions. Please refer to relevant product page for more up-to-date product information and resources.
  • By Chamikara Jayalath
  • 28 Jun, 2007

Chamikara Jayalath has been a contributor to the Apache Web services project for more than two years and was the initial contributor to Apache Sandesha2 and Apache Savan. He is a PMC member of the Apache Web services project and is currently employed as a Software Engineer at WSO2.

Oxygen Tank (OT): What is the advantage of Sandesha2 in comparison to its predecessor Sandesha1.x? In other words, why was a Sandehsa2 required?

Chamikara: Apache Sandesha is a WS-ReliableMessaging implementation for Apache Axis 1.x. Sandesha2 was started as a WS-ReliableMessaging implementation for Apache Axis2. So they serve two different purposes.

OT: How does Sandesha2 achieve reliability?

Chamikara: Sandesha2 implements WS-ReliableMessaging specifications. As you may already know, the Web services world is driven by specifications. So WS-ReliableMessaging is the specification that was developed to provide the reliability feature. The earlier version of the specification known as WSRM 1.0 was released in February 2005. The second version named WSRM 1.1 is being developed under OASIS. Sandesha2 supports both these specifications.

OT: Can you explain how implementing these specifications help you to achieve reliability?

Chamikara: Well, if you have an understanding of how TCP works, this is pretty similar. WS-ReliableMessaging is an acknowledgment and retransmission based protocol. The client (known as RMS or the RM source) sends messages to the server (known as RMD or the RM destination) and expects an acknowledgment. If the server does not send an acknowledgment

within a given time interval, the client retransmits the message. So even if a certain message gets lost due to network problems, the client will keep sending it. This helps achieve reliability.

OT: Tell us about the concept of WSRM Sequence in Sandesha2?

Chamikara: Yes, In WS-ReliableMessaging a sequence is a channel established between the client and the server which is identified by a unique identifier. Messages are always sent within sequences and every message is numbered. The server can use this information to send an acknowledgment to indicate which messages it received correctly. Also, it helps the server to identify the order in which the client sent those messages to the wire. So changes due to network latencies can be altered. In Sandesha2, we provide several convenient functions to create and manage your sequences.

OT: What other features does Sandesha2 provide other than for reliability?

Chamikara: Sandesha2 provides an In-Order Exactly-Once delivery assurance. By In-Order, we mean that the server will invoke the messages in the same order they were sent by the client. Exactly-Once means that the server will make sure that it will invoke each message only once. So re-transmissions will not cause duplication invocations.

Sandesha2 provides several other useful features including Sandesha2 Storage Framework, WS-Policy based configuration model and support for integrating with WS-Security and WS-SecureConversation implementations.

OT: How is the data stored in Sandesha2?

Chamikara: Sandesha2 Storage Framework is the storage layer of Sandesha2. All the data in Sandesha2 is kept and managed as Beans, and the Storage Framework provides the interface to manage these Beans. By implementing the Storage Framework, you can easily make Sandesha2 work over various databases. Also if a certain storage framework is implemented using an OR mapper such as Hibernate, you can easily switch the database. Currently Sandesha2 ships with an In-Memory storage framework. Also, you can find a Hibernate based Storage Framework under WSO2.

OT: What if you need both security and reliability?

Chamikara: You can configure Sandsha2 to work with the WS-Security/WS-SecureConversation implementation.

If you only need basic security you can start working just by deploying Sandesha2 and Rampart. If you need WS-SecureConversation as well, you'll need to change the SecurityManager of Sandesha2 to RampartBasedSecurityManager.

OT: Thanks a lot for that clear picture on Apache Sandesha2. How can someone contribute to Sandesha2?

Chamikara: You can start by joining the Sandesha2 development mailing list which is You can send your questions, comments and suggestions to this list. We will do our best to provide suitable answers to all your mails. You can try to fix some of these problems yourself. Create a JIRA issue for Sandesha2 ( and attach your fix. We will always be ready to grant Apache committership to people who submit good patches.

OT: Chamikara, thank you for talking to Oxygen Tank.