RE: issue 7728: point 1 - proposal for indicating effective endpoint policy in an EPR

We would like to provide some data for discussion.

First, let’s summarize assumptions that we heard for proposal 7728:


1)  A policy in an EPR applies to all portTypes and bindings supported by the endpoint represented by the EPR [1].



2)  A provider may send a policy in an EPR when a consumer is aware (out-of-band) of portTypes and bindings supported by the EPR [2].

Second, here are a few thinking points. Suggest that we discuss them at the F2F.


a)  We need to think about how a consumer learns about bindings supported by an EPR. Are these bindings defined by communities within the context of particular app domains or platform vendors or application developers?


b)  If a consumer is aware of bindings out-of-band, it is possible that policy expressions are associated with message, operation and endpoint policy subjects in those bindings. Given that, in general, we need to think about what is the relationship between a policy in an EPR and policies in a WSDL that describes portTypes, bindings and services supported by the endpoint represented by the EPR.



c)  The proposal 7728 is a policy attachment mechanism. We need to think about what is the policy subject? The term ‘endpoint policy subject’ is defined in WS-PolicyAttachment [3] and may not apply to the proposal.

[1] http://lists.w3.org/Archives/Public/public-ws-resource-access/2009Oct/0086.html

[2] http://lists.w3.org/Archives/Public/public-ws-resource-access/2009Oct/0088.html

[3] http://www.w3.org/TR/2007/REC-ws-policy-attach-20070904/#EndpointPolicySubject


Regards,

Asir S Vedamuthu
Microsoft Corporation

From: Gilbert Pilz [mailto:gilbert.pilz@oracle.com]
Sent: Friday, October 30, 2009 2:35 PM
To: Asir Vedamuthu
Cc: ashok.malhotra@oracle.com; public-ws-resource-access@w3.org; antoine.mensch@odonata.fr
Subject: Re: issue 7728: point 1 - proposal for indicating effective endpoint policy in an EPR

Asir,

There is a use case is stated in the proposal: "For example, a subscriber may wish to indicate to an event source that the notification messages sent as part of a subscription must be digitally signed." There are many use cases in which one component may send an EPR to another component where the binding and portType are implicitly understood; wsrm:AcksTo, wse:NotifyTo, wse:EndTo, wsen:EndTo, etc. In general, any SOAP implementation of the callback pattern may have need of this capability.

- gp

On 10/30/2009 2:07 PM, Asir Vedamuthu wrote:

We think you meant that a policy expression within a wsa:Metadata element applies to m bindings and n portTypes supported by an endpoint ...



How would a consumer use the policy expression (in an interoperable manner) without any knowledge of one of those m bindings (that usually appear in a WSDL)? Are these known out-of-band?



Regards,



Asir S Vedamuthu

Microsoft Corporation



-----Original Message-----

From: ashok malhotra [mailto:ashok.malhotra@oracle.com]

Sent: Friday, October 30, 2009 1:10 PM

To: Asir Vedamuthu

Cc: Gilbert Pilz; public-ws-resource-access@w3.org<mailto:public-ws-resource-access@w3.org>; antoine.mensch@odonata.fr<mailto:antoine.mensch@odonata.fr>

Subject: Re: issue 7728: point 1 - proposal for indicating effective endpoint policy in an EPR



Hi Asir:

These would be the policies that applied to the endpoint as a whole i.e.

have the endpoint as the policy subject.

They are not specific to any binding or portType.

All the best, Ashok





Asir Vedamuthu wrote:



Then, we do not fully understand the underlying use case. Let’s step

back a bit … How would a consumer use a policy expression within a

wsa:Metadata element in an interoperable manner /without/ any binding

descriptions (that usually appear in a WSDL)?







Regards,







Asir S Vedamuthu

Microsoft Corporation







*From:* Gilbert Pilz [mailto:gilbert.pilz@oracle.com]

*Sent:* Thursday, October 29, 2009 4:14 PM

*To:* Asir Vedamuthu

*Cc:* public-ws-resource-access@w3.org<mailto:public-ws-resource-access@w3.org>; antoine.mensch@odonata.fr<mailto:antoine.mensch@odonata.fr>

*Subject:* Re: issue 7728: point 1 - proposal for indicating effective

endpoint policy in an EPR







From what you described at one of the F2F's (I forget which), the

policies in a MetadataSection with

@Dialect="http://www.w3.org/ns/ws-policy"<http://www.w3.org/ns/ws-policy>

<http://www.w3.org/ns/ws-policy><http://www.w3.org/ns/ws-policy> have no specific attachment points or

policy subjects. In the example you provided below, you can't know if

the assertions in the wsp:Policy apply to the endpoint, an operation

of that endpoint, or a particular message; they are just a collection

of policies. If you need to know how/if the policies relate to

messages, operations, or endpoints you need to consult at "other

metadata" like WSDL or PolicyAttachments.



The purpose of Section 7.2 is to describe how to "communicate the

effective policies of the endpoints referenced by those EPRs". When

WS-Policy expressions appear as children of wsa:Metadata there is no

uncertainty about how/where these policies apply. "The scope of a

Policy in an EPR is the endpoint referenced by that EPR. The

assertions within the alternatives contained by a Policy in an EPR

MUST have endpoint policy subject." Whereas wsa:Metadata/mex:Metadata

gives you a big blob of metadata that you (the EPR consumer) have to

process (which may include further mex:GetMetadata operations) to

determine the effective policies, wsa:Metadata/wsp:Policy says "this

is the effective policy"; wsa:Metadata/mex:Metadata is general,

wsa:Metadata/wsp:Policy is specific.



- gp



On 10/28/2009 7:12 PM, Asir Vedamuthu wrote:



The underlying use case is addressed by a general-purpose, existing

feature [1][2] in the current WS-MetadataExchange draft. For example,







<wsa:EndpointReference>



  <wsa:Address>http://services.example.org/stockquote</wsa:Address>



  <wsa:Metadata>



   <mex:Metadata>



    <mex:MetadataSection>



      Dialect='http://www.w3.org/ns/ws-policy'>



     <wsp:Policy> ... </wsp:Policy>



    </mex:MetadataSection>



   </mex:Metadata>



  </wsa:Metadata>



</wsa:EndpointReference>







Adobe, IBM, Microsoft, Oracle, Sun and WSO2 interop tested [3][4] the

feature in April 2007.







Has anyone analyzed why the existing feature does not address the

underlying use case?







[1]

http://www.w3.org/TR/2009/WD-ws-metadata-exchange-20090924/#Metadata-in-Endpoint-References






[2] http://www.w3.org/Submission/2007/03/Comment




[3]

http://www.w3.org/2002/ws/ra/9/01/WS-MetadataExchange-Scenarios-01-19-2007.pdf






[4]

http://www.w3.org/2002/ws/ra/9/01/ws-mex-workshop-minutes-April-2007.pdf








Regards,







Asir S Vedamuthu



Microsoft Corporation







*From:* public-ws-resource-access-request@w3.org<mailto:public-ws-resource-access-request@w3.org>

<mailto:public-ws-resource-access-request@w3.org><mailto:public-ws-resource-access-request@w3.org>

[mailto:public-ws-resource-access-request@w3.org] *On Behalf Of

*Gilbert Pilz

*Sent:* Wednesday, October 28, 2009 4:34 PM

*To:* public-ws-resource-access@w3.org<mailto:public-ws-resource-access@w3.org>

<mailto:public-ws-resource-access@w3.org><mailto:public-ws-resource-access@w3.org>

*Cc:* antoine.mensch@odonata.fr<mailto:antoine.mensch@odonata.fr> <mailto:antoine.mensch@odonata.fr><mailto:antoine.mensch@odonata.fr>

*Subject:* issue 7728: point 1 - proposal for indicating effective

endpoint policy in an EPR







I've attached the first draft of our proposal for incorporating

WS-PAEPR into WS-Mex [1] to the entry for issue 7728. This is

accomplished by creating a new section, Section 7.2, that describes

what it means to put a wsp:Policy or wsp:PolicyReference in a

wsa:EndpointReference/wsa:Metadata element.



Note this addresses the WS-DD comments ([2], [3]) made on

WS-MetadataExchange by Antoine Mensch.



[1] http://www.w3.org/Bugs/Public/attachment.cgi?id=775


[2]

http://lists.w3.org/Archives/Public/public-ws-resource-access/2009Oct/0027.html


[3]

http://lists.w3.org/Archives/Public/public-ws-resource-access/2009Oct/0033.html\<http://lists.w3.org/Archives/Public/public-ws-resource-access/2009Oct/0033.html/>

<http://lists.w3.org/Archives/Public/public-ws-resource-access/2009Oct/0033.html><http://lists.w3.org/Archives/Public/public-ws-resource-access/2009Oct/0033.html>



- gp

Received on Friday, 6 November 2009 17:01:20 UTC