OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

sca-j message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: ISSUE-156: Intent annotations are missing from Java CAA as compared toPolicy FW spec - proposal v1

This is a broad issue. In order to minimize rework for myself, I've put together an analysis of the differences between the intents defined in the Policy FW spec [2] and the Java annotations in the CAA spec [3]. See the table below.

It is important to remember that the CAA spec defines the @Requires annotation which can be used to specify a list of any intents, regardless of the namespace which contains the intent definition. Given this, I think we should only define annotations for the commonly used intents because intent specific annotations are really just a developer friendly equivalent to the @Requires() form.

The table lists intents defined in the Policy FW spec along side the related annotations for the Java CAA spec. I noted where there is a "gap" that I'd propose to fill with a specific Java annotation. Before I spend time writing up a bunch of text, I'd like to have a discussion (email or telecon) to get a sense for other opinions. I don't feel strongly about some of the choices I've made.

Here's the rationale for each choice:

1) MutualAuth is a commonly used mechanism, but is it appropriate to be hard wired into the Java POJO?

2) Authorization is quite common also, but on it's own doesn't mean much. A policySets will always be needed to satisfy the intent.

3) Transactions - Since transactions are integral to business logic in a pojo, I chose the most common usages of transactions; @ManagedTransaction for specifying global or local trans, @NoManagedTransaction for simple cases, @ManagedSharedTransaction (a profile intent) because it represents a very common global transaction pattern. I feel quite strongly that these need to be Java annotations.

4) The rest of the intents that don't have a specific Java annotation defined, just don't seem quite common enough in Java POJOs to justify a specific Java annotation. Blindly creating a Java annotation for each Policy FW defined intent seems like overkill.

Policy FW Spec Java CAA Spec
---------------- -------------------
N/A @Requires - for specifying any intent in Java
N/A @PolicySets - for specifying any policySet in Java

authentication @Authentication
mutualAuthentication (gap)@MutualAuthentication

confidentiality @Confidentiality
integrity @Integrity

authorization (gap)@Authorization


managedTransaction (gap)@ManagedTransaction
noManagedTransaction (gap)@NoManagedTransaction
managedSharedTransaction (gap)@ManagedSharedTransaction



[1] http://www.osoa.org/jira/browse/JAVA-156
[2] http://www.oasis-open.org/committees/download.php/33774/sca-policy-1.1-spec-cd02-rev3.pdf
[3] http://www.oasis-open.org/committees/download.php/32734/sca-javacaa-1.1-spec-cd03.pdf

Dave Booz
STSM, BPM and SCA Architecture
Co-Chair OASIS SCA-Policy TC and SCA-J TC
"Distributed objects first, then world hunger"
Poughkeepsie, NY (845)-435-6093 or 8-295-6093

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]