OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

wsrp-interop message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [wsrp-interop] guest/anonymous user access

[revisiting this thread]

Thanks Richard. You had explained the issue very well. So what do others think? Can we then assume that userContextKey=wsrp:minimal is all the Consumer needs to send to indicate guest/anonymous access?

While on this subject, in addition, it would be ideal if userContext=null itself could be an indication of guest/anon access. Since the WSDL defines userContext as nillable, it would have been convenient to make the assumption. If the Consumer wants to propagate additional information (user categories, etc) associated with the guest/anon access, they could still send a valid userContext with userContextKey set to wsrp:minimal.


Richard Jacob wrote:
Atul Batra <atul.batra@Sun.COM> wrote on 03/25/2004 09:47:55 PM:

Yes, my question was confusing. I need to rephrase :-)

Without all the background on this one, I guess my question was more
why we thought that userCategory should be wsrp:minimal as well. In
order to represent a guest user, would userContext=wsrp:minimal by
itself not suffice? In that case, if the Consumer so choose to send
along values for the userCategory, that would be additional
information, but not something Producers would use to detect
guest/anonymous access.



I tend to agree with Atul here and think he is making a valid point.
Atul, please correct me if my summary is wrong.

1. Producers are not required to provide any categories in the
2. Consumers are not allowed to specify any userCategory not defined in the
Producer's ServiceDescription
1+2=3. If the Producer does not define any user category being supported,
the convention we've choosen prevents the Consumer to specify an anonymous
user simply because it would contradict either 2. or the convention -> no
way out for the Consumer.

Personally I don't remember why we argued that userCategory in the
userContext has to be wsrp:minimal, too.
I guess the argument here was that a guess user is considered a user with
minimal categorization information as defined in the spec and therefor it
would not be convienient to assert a higher degree category to a guest
But as said, what if the Producer does not define wsrp:minimal as

If the contextKey is wsrp:minimal the Producer already knows that it's a
guest user and can assert whatever category he likes for that user (if he
supports any, otherwise the discussion is obsolet).
If the Consumer for instance sends wsrp:full in conjunction with
wsro:minimal contextKey, the Producer should be free to ignore that and
reset it to wsrp:minimal?



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]