[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [egov] eGov infrastructure requirements discussion
The type of content validation that was being referred to was slightly different than the in-registry contetn validation (my read anyways). From a pure architectural standpoint, validation to ascertain that something is within acceptable constraints should be done at the point closest to where a consequence will occur if it is invalid. If someone is using a Registry artifact, it makes sense to validate it at the point closest to where it will get consumed (near the client side application that will consume it). Validating the artifact before it gets sent leaves open the possibility that it become corrupt during its subsequent serialization/deserialization from the transport layer or during transport itself. Validating from the POV that the Registry needs to know that the content is valid before it accepts the artifact is good. That should be and is done when an item is submitted to the registry. The machine validation (syntax and structure) and possible RA scrutiny are needed to ensure that the Registry content does not contain any errant or even malicious content. (Perhaps some small porn site operator tries to register a CPA as XXXX Automobile Company?) Many of you may laugh at thsi but it happened in the UDDI reference implementation as well as rumours of similar behaviour within the first Biztalk Repository. I just wanted to point out that there are two different sets of requirements for validation. Duane Nickull Farrukh Najmi wrote: > > Actually, if you view a registry as a general purpose content > management system (this is how ebXML Registry has evolved - details > available if needed), then semantic validation (not schema based > syntax validation) is a feature of such a system. An ebXML Registry > for example can perform content specific semantic validation of > arbitrary content using its plug-in based content validation feature. > Such validation could be done on client side but in general an > automated server side validation is a much better solution to meet > the requirements. The way this works in ebXML Registry is: > > -A responsible organization that defines a new type of content > publishes a content validation service to the registry. Such a service > is a simple web service conforming to a normative interface. For > example the ebXML CPPA team may publish a CPP validation service . > > - a use submits content that is an instance of a content type (e.g. > ebXML CPP). > > -The registry checks if there is a validation service registered for > that content type. > > -If a validation service exists then registry invokes it automatically > and validates the content. > > -If the content is valid accoding to teh validation service then it is > accepted by the registry. If not valid then it is rejected with an > appropriate error message. > > Above feature of ebXML Registry makes me wonder why one would need any > validation requirements to be met on the client side. > -- *************************************************** Yellow Dragon Software - http://www.yellowdragonsoft.com Professional Software Development & Metadata Management Project Team Lead - UN/CEFACT eBusiness Architecture Direct: +1 (604) 726-3329 - Canada: Pacific Standard Time
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]