W3C home > Mailing lists > Public > public-ws-addressing@w3.org > March 2006

Re: ISSUE: Where do faults go?

From: Christopher B Ferris <chrisfer@us.ibm.com>
Date: Mon, 13 Mar 2006 13:03:42 -0500
To: David Hull <dmh@tibco.com>
Cc: Glen Daniels <gdaniels@sonicsoftware.com>, public-ws-addressing@w3.org, public-ws-addressing-request@w3.org
Message-ID: <OFC4A0F955.64E13879-ON85257130.006306FF-85257130.00633649@us.ibm.com>
Dave,

CIL below.

Cheers,

Christopher Ferris
STSM, Software Group Standards Strategy
email: chrisfer@us.ibm.com
blog: http://www.ibm.com/developerworks/blogs/dw_blog.jspa?blog=440
phone: +1 508 377 9295

public-ws-addressing-request@w3.org wrote on 03/13/2006 12:51:36 PM:

> How we handle faults, according to the current Editor's draft (I 
> double-checked :-):
> SOAP processing failures (e.g. mU), are out of scope as always.

por que? I can certainly appreciate that WS-A would not contradict SOAP
but why do you claim that this is out of scope? I would have expected that
the spec would be explicit in describing exactly how it composes with the
SOAP processing model.

> If there are no SOAP processing failures, then
> If wsa:Action is absent, we don't say what happens.  (We only state 
> the converse).  If WSA isn't engaged, disposition is out of scope. 
> If it is, for whatever reason, see below.
> If wsa:Action is present, even if it's mangled, or multiply present,
> or whatever, WSA is engaged.
> If WSA is engaged
> If wsa:FaultTo is absent, multiply present, or present but invalid, 
> [fault endpoint] will be empty.  Otherwise it will have the given 
> value.  I'm inferring this, but I don't see what else one could 
> infer.  Perhaps we should state more sharply that getting two of 
> something you can only have one of leaves it undefined.
> Likewise for wsa:ReplyTo.
> And the rules in 3.4 of the core apply.  If [fault endpoint] is 
> empty, as it would be in Glen's case, we revert to [reply endpoint].
> If wsa:ReplyTo had been missing, [reply endpoint] would be anon.  If
> wsa:ReplyTo is also erroneous, [reply endpoint] is empty and 
> behavior is undefined.
> IMHO, this is good enough.  If both wsa:FaultTo and wsa:ReplyTo are 
> present and mucked up, we can't really guarantee your safety.  In 
> any case, the spec as it stands seems unambiguous, given that 
> duplicating wsa:FaultTo leaves [fault endpoint] undefined.  I can 
> see cases where the left hand might add one wsa:FaultTo and the 
> right hand add another, but this seems like a fairly basic failure 
> in implementation that shouldn't make its way into production. 
> Famous last words.
> 
> Working from a clean slate, I might want to handle this differently,
> but at this stage I think we've done what we can.  As with other 
> cases, we might want to make a few editorial changes to clarify 
> what's going on.
> 
> 
> Christopher B Ferris wrote: 
> 
> Glen, 
> 
> I would put this in the same class as "where do SOAP mU faults get 
> delivered". I believe that that 
> should be a function of the binding, not of WS-A because it is 
> pretty clear to me that in the face 
> of a SOAP mU (or VersionMismatch) fault, that WS-A processing cannot
> be presumed to have 
> been performed (per the SOAP1.2 spec anyway). 
> 
> Thus, I think that an endpoint that includes a non-anonymous [fault 
> to] endpoint SHOULD expect 
> that it MAY receive SOAP faults in a manner defined as the default 
> for the relevant SOAP 
> binding. In the case of the SOAP Req/Resp MEP and SOAP HTTP binding,
> that would be 
> the anonymous endpoint. 
> 
> IMO, if a SOAP message contains WS-A headers that are inconsistent 
> with the spec in any way 
> that the generated fault SHOULD be sent to the endpoint identified 
> by the relevant SOAP 
> MEP/binding. 
> 
> Cheers, 
> 
> Christopher Ferris
> STSM, Software Group Standards Strategy
> email: chrisfer@us.ibm.com
> blog: http://www.ibm.com/developerworks/blogs/dw_blog.jspa?blog=440
> phone: +1 508 377 9295 
> 
> public-ws-addressing-request@w3.org wrote on 03/13/2006 10:51:09 AM:
> 
> > 
> > Hi folks:
> > 
> > Sorry for the last-minute issue, but this just came up as a result of
> > testing....
> > 
> > In the test suite, we have a test [1] for generating a fault when a
> > request message contains 2 <wsa:FaultTo> headers.  Imagine a message
> > like:
> > 
> > <soap:Header>
> >  <wsa:FaultTo>
> > 
> > 
<wsa:Address>http://www.w3.org/2005/08/addressing/anonymous</wsa:Address
> > >
> >  </wsa:FaultTo>
> >  <wsa:FaultTo>
> >   <wsa:Address>http://some-other-address</wsa:Address>
> >  </wsa:FaultTo>
> >  ...
> > </soap:Header>
> > 
> > The question is - where should the InvalidAddressingHeader fault go? I
> > see three possible choices:
> > 
> > 1) to the first <FaultTo>
> > 2) to the second <FaultTo>
> > 3) to the default (anonymous? see below)
> > 
> > The test assumes that the fault will be delivered via the HTTP
> > backchannel, i.e. to anonymous.  But I can't find anything in the spec
> > that would constrain an implementation to do so - in other words, it
> > might be just as valid to try to send it to http://some-other-address.
> > Therefore either the test is wrong to make the assumption, or the spec
> > should be clarified.
> > 
> > I do think that in the case where we cannot correctly convert SOAP
> > headers into an appropriate MAP, the value for that MAP should not be
> > set (and in this case would therefore default to anonymous) - perhaps
> > this is the intent, but we should really be explicit about this if
> > that's what we mean.
> > 
> > Another question also arises - in the case where we have a problem
> > generating the [FaultTo] MAP from the headers, should the generated
> > fault be delivered to the [ReplyTo] address if there is one, or always
> > to anonymous?  I'd guess the former, but again we should make sure 
we're
> > clear and explicit about it.
> > 
> > I'd propose we fix this by adding something like the following at the
> > end of the last paragraph in section 3.2: "In that case, any 
duplicated
> > headers MUST NOT be used to populate the appropriate MAPs - the MAPs
> > should be interpreted as if no such headers were present."  I *think*
> > this should do it, and since we're already clear about the lack of an
> > explicit FaultTo causing faults to go to ReplyTo, I think we're 
covered
> > there.
> > 
> > I'd also like to add, for clarity, section headings for the last two
> > paragraphs of section 3.2:
> > 
> > 3.2.1 Sending Messages
> > 
> > 3.2.2 Receiving Messages
> > 
> > Thanks,
> > --Glen
> > 
> > [1] http://www.w3.org/2002/ws/addr/testsuite/testcases/#test1242
> > 
Received on Monday, 13 March 2006 18:04:17 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 2 June 2009 18:35:12 GMT