[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [provision] Liberty Identity Personal Profile example...
Jeff, Can you point out where in the Liberty specification it explicitly states this? Thanks, Gerry |---------+----------------------------> | | "Jeff Bohren" | | | <jbohren@opennetw| | | ork.com> | | | | | | 07/31/2003 06:14 | | | PM | |---------+----------------------------> >------------------------------------------------------------------------------------------------------------------------------| | | | To: "Jeff Larson" <Jeff.Larson@waveset.com>, Gearard Woods/Irvine/IBM@IBMUS | | cc: <provision@lists.oasis-open.org> | | Subject: RE: [provision] Liberty Identity Personal Profile example... | >------------------------------------------------------------------------------------------------------------------------------| Jeff, I think you are misinterperting the whole purpose of the batch request. The only reason that you would use a batch request would be to group logically related operations. While this is implementation dependent, I would think that a batch request going through workflow would be approved or denied as a whole. If operations or not logically related then they should be independent requests. I am not a Liberty expert, but looking at the spec for the Personal Profile, it is very clearly LDAP oriented (or X.500 oriented). It would seem that a hierachical model would fit it quite well. But there are many solutions to this problem in addition to the ones I posted. I do see a lot of value in adding explicit support for complex data types in the post 1.0 effort. Rami has made some interesting suggestions and I have some ideas on my own. The only requirement that I would make is that whatever approach we adopt can support reliable mamagement of the complex data. Obviously the Liberty group did not feel that was important since thier spec explicitly says that thier protocol does not support that. Jeff Bohren OpenNetwork Technologies -----Original Message----- From: Jeff Larson [mailto:Jeff.Larson@waveset.com] Sent: Thu 7/31/2003 4:29 PM To: Gearard Woods; Jeff Bohren Cc: provision@lists.oasis-open.org Subject: RE: [provision] Liberty Identity Personal Profile example... Sorry I haven't had time to remain current on this topic. I don't have anything to say on the schema representation debate right now, but I did want to comment on the recent examples attempting to represent complex data types. I dislike the notion of describing what will usually be considered an atomic operation on a single object as a batch of SPML requests. For starters, any PSP more complex than a directory will likely incur a substantial amount of overhead processing an add or modify request so you don't want to treat these like discrete transactions even though the end result may be the same. It is not uncommon to require workflow approvals on any modification, this approach could result in multiple approvals. So now, the PSP has to analyze every batch to determine which requests can be semantically merged into a single transaction. Batch execution mode better not be sequential. A similarly complex inverse transformation then needs to be performed to make what internally was a single transaction appear as multiple responses in the batch response. Regarding the Hierarchical method: It isn't obvious to me how the DN-like <spml:id>'s work to identify subcomponents, but I'll assume that's due to my relative lack of LDAP experience. I don't especially like the data duplication though. Regarding the Referential method: This looked more obvious to me than the Hierarchical method, but I would NOT want to be required to retain these GUIDs for later identification of the interior objects. Again I would expect many PSPs that aren't implemented on directories are going to have problems maintaining GUIDs for things that are not "first class" objects in their database model. But if the GUIDs aren't retained, how do I issue a modifyRequest to change just the AltCN attribute? While I'm not necessarily suggesting this as a solution, Waveset solves very similar problems by flattening a complex hierarchical data model into a list of attributes whose names are "paths" into the hierarchy. Our path syntax is non-standard, but for the sake of example, the little XML document would be exposed using the following attribute names: InformalName CommonName.CN CommonName.AltCN LegalIdentity.LegalName LegalIdentity.VAT We're using this approach right now to squeeze extremely complex hierarchical objects through SPML. We use the same technique to edit these objects in a web GUI. HTML forms post a flat list of name/value pairs, you have the same problem. Yes, it is cumbersome. I would really prefer complex data types in SPML, but this does work and I would choose it over the previous two methods because it maintains the atomicity of the request. I think we should continue exploring the consequences of introducing complex data types into SPML. I just wanted to point out what I think is a simpler way to make complex data appear flat. Regards, Jeff
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]