ebBP 2/3/2005: Authorization Criteria (Section 4.7.4)

["Monica J. Martin" <Monica.Martin@Sun.COM>]

As a followup to the review regarding well-formedness rules, and in light of our Tuesday discussions, I propose the
following text change to Section 4.7.4. If anyone feels we should add an additional column to the BT patterns matrices for this, please respond to the list or to me. Comments welcome. Thank you.

FROM:
(second and third paragraphs)
.......It is important to surface exceptions so action can be taken. Some conditions where authorization MAY apply and be related to exceptions include:

    * When business rules are applied
    * When a communication is persisted
    * When a business message is submitted for acceptance processing 

In this version, the mechanisms for a BSI to specify that an attempt has been made by an application or system to initiate a Business Transaction (therefore sending a request) and this application or system was not authorized to do so, is undefined.  This quality of service attribute is like a hint to the BSI and MAY be delegated to an underlying service.

TO
(second and third paragraphs)
.......It is important to surface exceptions so action can be taken. Some conditions where authorization MAY apply and be related to exceptions include:

    * When business rules are applied
    * When a communication is persisted
    * When a business message is submitted for acceptance processing

[ADD] Based on agreements, the parties may establish the authorization parameters to provide these capabilities.  If authorization is enabled, the business document and business signal SHOULD be authenticated or tamper detection enabled. end-ADD]. In this version, the mechanisms for a BSI to specify that an attempt has been made by an application or system to initiate a Business Transaction (therefore sending a request) and this application or system was not authorized to do so, is undefined.  This quality of service attribute is like a hint to the BSI and MAY be delegated to an underlying service.