OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

ws-rx message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: RE: [ws-rx] Gil's proposal for i021



For the policy wonks among us.... if A send a message to B and expects a response.  If B's WSDL has an endpoint policy assertion that says RM is required then if Marc's reading of the policy spec is correct the response from B to A will be sent using RM.  Now, what if A's replyTo EPR's WSDL said that RM is not supported (assume for a moment there was an assertion that said that - or maybe the lack of the assertion implies it - I'm too tired to figure that one out).  What should happen?  Should B still RM-ify the response but expect to get an error?  Should it override its own policy in favor A's?  Should we just word the RMPolicy spec vaguely enough that we don't answer this question and leave it up to the Policy guys?  :-)   That last one is only 1/2 a joke since we might actually choose to punt on this one.

Anyway, I was just looking at the security policy assertion spec [1] (don't know why but it seems like a good reference for this type of stuff and after midnight what else would someone be doing  :-), and most of the assertions are (coincidentally) worded vaguely enough that its not entirely clear to me that they apply to both incoming and outgoing messages.  Most say things like "this element represents a requirement for a Security Context Token retrieved from....".  That's really odd wording if they really meant for it to apply to both - normally endpoint doesn't "require" something of itself but rather it "expresses its intent to use..." or something like that.  The choice of wording really seems to imply what the endpoint is expecting of the caller.  Should we assume that its just a poor choice of wording?  Where's the policy umpire?  We need a ruling on this one!

thanks,
-Doug

[1] ftp://www6.software.ibm.com/software/developer/library/ws-secpol.pdf



"Marc Goodner" <mgoodner@microsoft.com>

02/01/2006 06:31 PM

To
"Gilbert Pilz" <Gilbert.Pilz@bea.com>, "Patil, Sanjay" <sanjay.patil@sap.com>, <ws-rx@lists.oasis-open.org>
cc
Subject
RE: [ws-rx] Gil's proposal for i021





Just expanding on the subject level, from section 4.1.2 on Endpoint Policy Subject in WS-PolicyAttachment [1]:
 
An Endpoint Policy Subject applies to behaviours associated with an entire endpoint of
the service, irrespective of any message exchange made.
 
To me that seems to say we can’t declare that it doesn’t apply to inbound or outbound messages that are part of the endpoint. If that is what you want you would use operation level subject. I still think endpoint subject is what you would almost always want, but we’ve been talking about this long enough that I can see a case for operation.
 
1 http://specs.xmlsoap.org/ws/2004/09/policy/ws-policyattachment.pdf
 
Marc Goodner
Technical Diplomat
Microsoft Corporation
Tel: (425) 703-1903
Blog: http://spaces.msn.com/mrgoodner/



From: Gilbert Pilz [mailto:Gilbert.Pilz@bea.com]
Sent:
Wednesday, February 01, 2006 2:35 PM
To:
Marc Goodner; Patil, Sanjay; ws-rx@lists.oasis-open.org
Subject:
RE: [ws-rx] Gil's proposal for i021

 
Comments in line . . .
 
- gp
 



From: Marc Goodner [mailto:mgoodner@microsoft.com]
Sent:
Wednesday, February 01, 2006 1:10 PM
To:
Patil, Sanjay; Gilbert Pilz; ws-rx@lists.oasis-open.org
Subject:
RE: [ws-rx] Gil's proposal for i021

Two immediate concerns I have here.
 
One, I don’t think it is right to say the AS and AD have to use RM. It is the RMS and RMD that use RM so I think the original text is correct. I also don’t see how this relates to the multiple endpoints via one RMS/RMD as you say below. In that case isn’t the original text still more accurate? Still either way this is probably splitting hairs, it doesn’t change that the assertion is there or what it means.
 
The RMS and RMD don't use RM they implement RM. They are the things that implement the protocol described in the WS-RM spec. When you are talking about describing policy in something like WSDL you are indicating if/how you will make use of the facilities that the RMS and RMD provide.
 
Two, I don’t think even with two different assertions we can define them to apply just to inbound or outbound messages. I’m fairly certain that WSDL 1.1 and WS-PolicyAttachment prevent that scoping.
 
I'm not sure I understand why this would be the case. Can you expand?
 
Marc Goodner
Technical Diplomat
Microsoft Corporation
Tel: (425) 703-1903
Blog: http://spaces.msn.com/mrgoodner/



From: Patil, Sanjay [mailto:sanjay.patil@sap.com]
Sent:
Wednesday, February 01, 2006 7:27 AM
To:
Gilbert Pilz; ws-rx@lists.oasis-open.org
Subject:
[ws-rx] Gil's proposal for i021

 
 
Thanks to Gil for making a concrete proposal. Hopefully this leads to a discussion on the list.
 
I have changed the subject line to indicate the issue number. I think folks have better memory of issue numbers than AI numbers.
 
Thanks,
Sanjay
 



From: Gilbert Pilz [mailto:Gilbert.Pilz@bea.com]
Sent:
Tuesday, Jan 31, 2006 23:01 PM
To:
ws-rx@lists.oasis-open.org
Subject:
[ws-rx] RE: Action Item #0078

In light of the (pending) resolutions to i086 and i087 it seemed simpler to present my proposal in the form of complete drafts of the WS-RM Policy specification. Attached are two PDF documents. One is a clean version of what the WS-RM Policy spec would look like with my proposed changes. The other contains change bars between my proposal and the current editors draft of WS-RM Policy (cd-02 with Marc's clean ups applied).
 
You will note that my proposal includes the proposed resolutions to i086 and i087. There was no simple way to present my ideas without doing this.
 
You may also note that I have changed line 93 from:
 
"The RM policy assertion indicates that the RM Source and RM Destination MUST use WS-ReliableMessaging [WS-RM] to ensure reliable delivery of messages."
 
to:
 
"In general a RM policy assertion indicates that the Application Source and Application Destination MUST use WS-ReliableMessaging [WS-RM] to ensure reliable delivery of messages".
 
I did this because I think that policy assertions have nothing to do with sequences or the entities that maintain them (i.e. the RMS and RMD) except that they indicate that some, unspecified sequence may or must be used to ensure the delivery of inbound or outbound messages. I think this confusion over endpoints (and the policies attached to those endpoints) and sequences lay at the heart of our difficulties with the idea of multiple endpoints with different policies sharing the same sequence. This change may be considered by some to be the resolution to a separate issue. If anyone has any objections I'll back it out and go through the process of raising a separate issue and making a separate proposal to address it.
 
- gp


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]