sca-c-cpp message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]
Subject: NEW ISSUE: C C&I is inconsistent wrt Policy
- From: Bryan Aupperle <aupperle@us.ibm.com>
- To: sca-c-cpp@lists.oasis-open.org
- Date: Mon, 30 Mar 2009 09:49:12 -0400
Target: C C&I Specification
CD03
Description: The specific intent annotations defined in Appendix
B.2 are not consistent with the intents defined in Public Review Draft
of the SCA Policy Framework spec. Specifically
1) The Policy Framework now defines
intents for clientAuthentication, serverAuthentication and mutualAuthentication
(the original authentication intent remains, but is a synonym for clientAuthentication)
2) Replaced all the prior Security Implementation
intents with a single authentication intent, which can be qualified with
fine_grain.
3) Added a noManagedTransaction intent
(which has different semantics that a lack of a managedTransaction intent).
Proposal: (All changes are in section B.2)
1) Replace @Authentication with @Client Authentication and add @ServerAuthentication
and @MutualAuthentication intents, both of which can be qualified with
message or transport
2) Remove all of the current Security Implementation intent annotations
and add an @Authorization intent, which can be qualified with fine_grain
3) Ann a @NoManagedTransaction intent
4) Remove the @JMS annotation
since a C application is unlikely to use the JMS API.
Bryan Aupperle, Ph.D.
STSM, WebSphere Enterprise Platform Software Solution Architect
Research Triangle Park, NC
+1 919-254-7508 (T/L 444-7508)
Internet Address: aupperle@us.ibm.com
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]