- From: David Orchard <dorchard@bea.com>
- Date: Fri, 30 May 2003 14:28:18 -0700
- To: "'Jeff Lansing'" <jeff@polexis.com>, <www-ws@w3.org>
- Message-ID: <00db01c326f2$69e60810$eb0ba8c0@beasys.com>
Jeff, I created such a thing about a year ago [1]. This doesn't really solve the problem that is at the heart of the propose issue, which is the heavy use that SOAP applications make of bindings to HTTP POST instead of GET. Some people think that POST should be avoided because it requires specific configuration, ie the Xpath expression, for what to look for in a message instead of simply the HTTP method and URI. It's really a question of scale of visibility versus simplicity across multiple protocols and applications. Cheers, Dave [1] http://www.w3.org/2001/tag/doc/ws-uri.html -----Original Message----- From: www-ws-request@w3.org [mailto:www-ws-request@w3.org]On Behalf Of Jeff Lansing Sent: Friday, May 30, 2003 11:55 AM To: www-ws@w3.org Subject: Re: Proposed issue; Visibility of Web services Hi, There was a long discussion about the relative "visibility" of HTTP vs SOAP. There seemed to be a tendency to believe that HTTP GET was the most "visible" of all. Now any SOAP message can be encoded as a HTTP GET, with "?" and "&"s. Here's one way. Make XPath expressions for all the content in the SOAP message, for example: soap:Envelope/soap:Body/m:GetStockPrice/m:StockName URL encode these expressions (not shown here). Then make a parameter: soap:Envelope/soap:Body/m:GetStockPrice/m:StockName=IBM Then string all the parameters together with ampersands. This (with a few more tricks for namespace definitions and attributes) is a linear encoding of all of the information in the SOAP message into a GET request. No more and no less. So how can it be claimed that there is a difference in "visibility" between the two? Jeff Mark Baker wrote: On Thu, May 29, 2003 at 12:28:46PM -0400, Christopher B Ferris wrote: I guess I just don't know what you think a "generic" intermediary is then. Give me an example of a generic HTTP intermediary that does not have a specific role(s) like caching. If my cache example is not generic, I don't know what is. You seemed to have simply ignored that aspect of my previous message. Was my example not "generic" by your standards? No, at least not for the purposes of doing the apples-to-apples visibility comparison. I was trying to emphasize that HTTP defines many application layer features, while SOAP does not. That may seem obvious and non-important, because SOAP may have lots in the future, but that's really the point; it doesn't have them now, so a SOAP intermediary developed with no knowledge of them has no visibility into a transaction that uses them (outside of knowing that it doesn't know what they mean, ala mustUnderstand). Mike has said that SOAP firewalls will be going to market soon. What SOAP applications will they understand? Will those firewalls be upgraded for every new extension that comes along? Because that's the only way will they have similar visibility into SOAP transactions that HTTP intermediaries developed today will have into HTTP transactions executed 10 years from now. BTW, I would *really* appreciate a response to this; A SOAP+E intermediary would have *excellent* visibility into an interaction between a client and server using those extensions, right?. For example, if it had hardcoded-in knowledge of WS-Transaction, then it could sit between a client and server coordinating a transaction, and be able to follow along quite well; far better than it could if something other than a transaction was being coordinated. Agreed? So can you see my point? HTTP is at the same layer as WS-Transaction; both are application layer coordination languages. MB
Received on Friday, 30 May 2003 17:27:53 UTC