The Cover PagesThe OASIS Cover Pages: The Online Resource for Markup Language Technologies
Advanced Search
Site Map
CP RSS Channel
Contact Us
Sponsoring CP
About Our Sponsors

Cover Stories
Articles & Papers
Press Releases

XML Query

XML Applications
General Apps
Government Apps
Academic Apps

Technology and Society
Tech Topics
Related Standards
Last modified: April 02, 2007
XML Daily Newslink. Monday, 02 April 2007

A Cover Pages Publication
Provided by OASIS and Sponsor Members
Edited by Robin Cover

This issue of XML Daily Newslink is sponsored by:
IBM Corporation

Candidate Recommendations for Web Services Policy 1.5
A. Vedamuthu, D. Orchard, F. Hirsch (et al., eds) W3C Technical Reports

W3C's Web Services Policy Working Group has announce the publication of updated Candidate Recommendations for Web Services Policy 1.5, documenting their progress. Previously, the specification was published as a Candidate Recommendation, and a Call for Implementations was announced. This revision is published in order to give visibility to the technical decisions that have been made so far during this phase of the process and to allow review by W3C Members and other interested parties. The maturity level of the specification remains unchanged, and the work is on track to move forward to the Proposed Recommendation stage when the exit criteria for the current phase have been met. No features have been identified as "features at risk" by the Web Services Policy Working Group. The Working Group will maintain an implementation report. Candidate Recommendation feedback is welcome through 30-June-2007. "Web Services Policy 1.5 - Framework" defines a framework and a model for expressing policies that refer to domain-specific capabilities, requirements, and general characteristics of entities in a Web services-based system. A policy is a collection of policy alternatives. A policy alternative is a collection of policy assertions. A policy assertion represents a requirement, capability, or other property of a behavior. A policy expression is an XML Infoset representation of its policy, either in a normal form or in its equivalent compact form. Some policy assertions specify traditional requirements and capabilities that will manifest themselves in the messages exchanged (e.g., authentication scheme, transport protocol selection). Other policy assertions have no wire manifestation in the messages exchanged, yet are relevant to service selection and usage (e.g., privacy policy, QoS characteristics). "Web Services Policy 1.5 - Framework" provides a single policy language to allow both kinds of assertions to be expressed and evaluated in a consistent manner. "Web Services Policy 1.5 - Framework" does not cover discovery of policy, policy scopes and subjects, or their respective attachment mechanisms. A policy attachment is a mechanism for associating policy with one or more policy scopes. "Web Services Policy 1.5 - Attachment" defines two general-purpose mechanisms for associating policies, as defined in "Web Services Policy 1.5 - Framework," with the subjects to which they apply; the specification also defines how these general-purpose mechanisms may be used to associate policies with WSDL and UDDI descriptions. The Working Group has published revised drafts for "WS-Policy Primer", "Guidelines for Policy Assertion Authors", and "WSDL 1.1 Element Identifiers."

See also: the Web Services Policy WG documents

Q&A: SAP on Rich Apps, Architecture, and Ajax-Based Portal Enhancements
Doug Henschen, Intelligent Enterprise

Rich Internet applications promise interfaces that are more responsive, productive and adaptable to various deployment environments. In this interview, SAP executives Dennis Moore, General Manager of Emerging Solutions, and Andrew Cabanski-Dunning, marketing director for NetWeaver User Productivity Solutions, discuss the required back-end infrastructure, and they reveal plans for Ajax-powered portal functionality to be introduced at next month's Sapphire event. Dennis Moore: "It's nearly impossible to achieve a RIA architecture—even on one of the many RIA stacks—unless you've done a decent job of service-orienting the underlying capabilities you want to access. You need the metadata that describes not just the business process execution, but also the metadata that describes conceptually what the service is doing, how it can be used, and how it should adapt to different device capabilities in order to give you a rich application. That could be on a PDA or a smart phone as well as on widgets, Flash-type experiences as well as dynamic HTML Ajax-types of environments. So SAP has spent the last several years doing all the really hard work of making all the capabilities of the MySAP business suite available for consumption through well-defined, rich-metadata-enabled services using all of the standards that you would expect to see. We also have Web 2.0 functionality available now -- portal, widgets, RSS, wikis, blogs and Ajax technologies—but having a rich, service-enabled backend is more important because proprietary systems don't really connect easily with environments like Ajax, widgets, Flash and so on. These environments are very friendly with standard Web services and rich XML metadata descriptions from the server. The front-end capabilities are interesting, but they're not that interesting until you can connect them to interesting back-end capabilities. RIA needs standard Web services from the backend in order to do what they do well. The front-end capabilities are interesting, but they're not that interesting until you can connect them to interesting back-end capabilities..."

BEA Cites Java, Availability in Application Server Upgrade
Paul Krill, InfoWorld

Enhanced software development capabilities and system availability are key focuses in an improved version of BEA Systems' WebLogic Server application server, now available. With the release of BEA WebLogic Server 10, BEA plans to accentuate the product's Java-based features that simplify development of applications and services. To this end, WebLogic Server 10 supports Java EE 5 (Java Platform Enterprise Edition 5) and EJB 3.0 (Enterprise JavaBeans 3.0). Accommodations for open-source developer frameworks like Spring help simplify development as well. Java EE 5 supports EJB 3.0, which allows developers to annotate code. Annotating enables a reduction in the amount of external XML files that may have been required with an application. This reduces coding needs. A new persistence API in the application server takes information from a Java application and persists it in a database. This makes it easier to store data like customer information. The API leverages OpenJPA (Java Persistence API) and the Kodo persistence technology. Also featured in version 10 is an update to core Web services technologies as well as improvements in security and interoperability with proprietary and open-source platforms.

See also: the announcement

What Apple DRM-Free Means to Microsoft
Joe Wilcox, eWEEK Microsoft Watch

To recap the news: Starting next month, Apple will offer EMI music free of DRM for 30 cents more a track; album prices will remain the same. Apple makes the EMI catalog more attractive than other iTunes music in two ways: No DRM and higher encoding. People paying more for the benefits of no DRM will get better fidelity, too, as in 256kbps encoding. The DRM music is 128kbps. Additionally, consumers can upgrade their existing EMI music to DRM-free and the higher encoding for 30 cents a track. The deal creates opportunities for Apple and solves some problems, too: (1) DRM-free removes some of the usability problems associated with rights management technology. (2) EMI music would be more portable, not necessarily locked into iTunes. Unless Apple does some unusual jiggering to AAC, songs in the format could be converted to MP3 for broad availability. There are plenty of devices, including Microsoft's Zune, that can play DRM-free AAC files. Windows Media Player 11 doesn't natively support AAC, by the way. (3) DRM-free could ease some of Apple's legal problems in Europe, where some governments have fussed over music monopoly and the closed iPod/iTunes model. (4) Apple can upgrade users' music and for a nominal fee... With the release of Windows Media 9, Microsoft made a huge bet on DRM. No question, Windows Media 9 delivered highly flexible rights management that could be used for lots of interesting marketing purposes, such as a label releasing a new album with, say, three free plays. But Microsoft's bet hasn't paid off in the market, even with so many music stores using Windows Media DRM. Apple did DRM better, by largely hiding it from music purchasers, and by making fairly easy the synchronization of DRM content with iPod. Microsoft played catch up on synchronization until the November release of Zune. But Zune is heavily beholden to DRM. Music sharing—Zune's big differentiator from iPod—requires encryption of transmitted tunes, even stuff that has no DRM... If Microsoft is going to push ahead with a heavy DRM strategy, maybe it's time to change the game plan. As Gartenberg's colleague David Card writes in another blog post on the Apple-EMI deal, "DRM should unlock new business models, not attempt to lock down 20th century ones." He gives good advice.

Intellectual Property Rights and Standard Setting
Andrew Updegrove, Consortium Standards Bulletin

Intellectual property rights (IPR), and particularly patent claims, provide special challenges to standards developers. Following adoption of standard, members may be unwilling to share implementation rights on licensing terms that are conducive to wide adoption of the standard (or at all). Or, during the development phase, they may secretly seek to ensure that a standard will infringe their undisclosed patent claims, in order to reap a harvest of royalties when those rights are revealed after the marketplace has already been locked in. Externally, there will often be patent claims that are essential to the implementation of a standards, but whose owners have little or no incentive to make their valuable IPR available on acceptable terms (or at all). As a result, standard setting organizations must have IPR policies that are designed to minimize—although they cannot totally eliminate—such problems. In this article, I briefly review: the history of IPR issues; the changes in the standard setting landscape that are accentuating IPR concerns today; the ways in which IPR (and particularly patent claims) give rise to concerns for standards developers and implementers; the documents that comprise an appropriate IPR management regime; and finally those areas in which IPR policies are most significantly being challenged and reworked today.

Best Practices for Service Interface Design in SOA
Mikhail Genkin, IBM developerWorks

This article "Part 1: Exploring the Development, Interfaces, and Operation Semantics of Services" is the first in a series that focuses on best practices for service interface design, including high-level aspects of development approaches, service granularity, and operation signatures. Service-Oriented Architecture (SOA) emphasizes loose coupling between different systems within an enterprise. Service interface structure is of primary importance in SOA because poorly designed service interfaces can have a negative effect on all applications that need to use them. Well-designed service interfaces can accelerate project schedules and make your SOA solution more responsive to business needs. In the context of implementing SOA solutions, the structure of a service interface is very important. A poorly structured service interface can greatly complicate development of many service consumer applications that use that interface. From a business point of view, poorly structured service interfaces can complicate development and optimization of business processes. Conversely, well-designed service interfaces can accelerate development schedules and facilitate business-level flexibility. Web services are a natural fit for constructing SOA solutions. Many existing and future industry standards in the Web services arena, such as SOAP, Java API for XML-based RPC (JAX-RPC), WSDL, and WS-* specifications) ensure interoperability. Subsequent articles in this series examine best practices for structuring Web Services Description Language (WSDL) documents and fault handling.

Open Document Format Legislation: Testimony to the Texas House and Senate
Bob Sutor, Open Blog

"This is the text for the testimony I delivered to both the Texas House and Senate this last Monday, March 24, 2007... Good afternoon/evening, Mr. Chairman and members of the Committee. IBM supports this bill. This bill is about the future, increased competition and innovation, and about more choice for Texas. It is completely consistent with the technological and intellectual property directions of the software industry. The current file formats for how you save office document used by most of you and your citizens are based on technology and practices from the 70s, 80s, and 90s when some companies locked customers into their products and upgrades. This is not acceptable today. When you and your citizens are effectively restricted to a single software supplier to access government information, you and they pay what I would consider taxes. Open standards avoid this... The first tax is the difference between what you must pay to that supplier vs. the lower cost if multiple suppliers existed and prices had to be competitive. You would also pay an innovation tax. The sole vendor has limited reasons to improve the product. Fresh ideas from new players such as Texan entrepreneurs are kept out of the product category... In closing, the world is shifting to non-proprietary open standards based on the amazing success of the World Wide Web, a success that was far more important than any single vendor's market position or ideas for what was right for the world. We can do this again but we need to do it with care. Texas is in a position to demonstrate to its citizens and the world that this success is repeatable and that it intends to be a leader. Texas can show that the phrase 'open standard' means more than what a corporate marketing department says it is..."

Microsoft's Open XML Takes Next Step Toward Becoming a Standard
John Fontana,

Microsoft's bid to have its Open XML file format approved as an ISO standard took another step forward Monday when that organization put the measure on a voting ballot sent to its member countries. The International Organization for Standardization (ISO) announced that Open XML had moved to the next phase of review by being included on the ISO's 5-month ballot, which was sent out Monday and is due to close September 2, 2007. The voting will be followed by an ISO Ballot Resolution meeting. During the 5-month period, the draft standard is reviewed and can be amended by agreement of the member countries. Open XML was approved in December by Ecma International, an international membership-based standards organization for information and communication systems, as measure 'Ecma-376' and submitted for adoption under the 'fast-track process' of a joint technical committee (JTC-1) made up of the ISO and the International Electrotechnical Commission (IEC). The move to put the measure on the ballot comes after Ecma held a mandatory one-month period to accept comments from ISO member countries. Twenty of 30 member countries responded and Ecma published the comments on the Web.

From Java EE Security to Acegi: Protect Your Web Applications
Xinyu Liu, Java World Magazine

Protecting sensitive data and data transportation is a preliminary but critical requirement for application developers. The Internet is a public and insecure infrastructure connecting millions of computers world-wide for data interchange. Any device connected to the Internet faces various types of security threats, such as eavesdropping, masquerading, message tampering, replaying, infiltration, traffic analysis, or denial-of-service. Web applications generally deal with sensitive and valuable data as assets of the application owners. Security programming as part of Web development deserves all efforts. Java EE is an industrial standard programming platform that makes cross-cutting concerns like security and transaction into standard services to free developers from muddy infrastructure coding jobs. The security services in Java EE enable developers to build strong and elaborate protections for their applications with minimum effort. Apart from Java EE, Spring is a fantastic and popular open source framework designed on top of the Java EE standard that addresses the missing or problematic pieces from earlier versions of the Java EE specification (1.0-1.4). Spring's features and value plus the fact that a Spring container can live in a Web server without a heavy-weight application container contribute to its continued dominance in the application framework market. Acegi designed for Spring provides flexible, powerful, and comprehensive security beyond what's available in the Java EE standard. This article provides an in-depth introduction and comparison of Java EE security and Acegi. They both offer a variety of security services to make application security programming easier. The declarative and annotation-based programming methodologies let developers focus on business concerns in Java classes and encourage programming using POJO. For applications built on top of Spring, Acegi is preferred due to the enhanced features not usually available in Java EE security. Without Spring, developers should take advantage of the security services defined in Java EE to implement "container-managed security." The risks and uncertainties involved make a homegrown security system the last thing you want to explore.

See also: the IBM developerWorks article

Publishing Writer Documents on the Web
Dmitri Popov,

Although has an HTML/XHTML export feature, it is not up to the snuff when it comes to turning Writer documents into clean HTML files. Instead, this feature turns even the simplest Writer documents into HTML gobbledygook, and while it attempts to preserve the original formatting, the results are often far from perfect. Moreover, publishing static HTML pages is so '90s: today, blogs and wikis rule the Web. So what options do you have if you want to convert your Writer documents into tidy HTML pages or wiki-formatted text files? Quite a few, actually. Let's start with the simplest scenario, where you need to convert a single Writer document into an HTML page. One way to do this is to use a pair of scripts: and The first script converts the Writer document into a plain text file and turns the text formatting into markdown markup. You can then convert the resulting text file into HTML using the script... Using the odt2txt script for intermediary conversion has another advantage. Many blog, wiki, and content management systems support the markdown syntax either directly or via optional plugins. This means that you can easily publish the marked down file on your wiki or blog. For example, if you are using DokuWiki, you can make it recognize markdown by installing the markdown plugin. By default, some assembly is required... Speaking of wikis, you can also convert the HTML file into a "native" wiki page using the excellent HTML::WikiConverter service. It supports all major wiki formatting dialects, and it's available as a standalone Perl script, which you can install and use on your own machine. It's not all sunshine and unicorns, though, and the odt2txt script does have its limitations. The current version of the script supports the following formatting: italics, bold italics, ordered and unordered lists, block quotes, code blocks, hyperlinks, and footnotes. The two major elements that are not recognized by the script are tables and images. If you want to publish the contents of a Writer document as a post on your blog, you can easily do so by using the functionality provided by Google Docs... These approaches are not as straightforward as clicking an Export button, but if you want to generate tidy HTML files out of your Writer documents or publish them on your blog or wiki, you should give these techniques a try.


XML Daily Newslink and Cover Pages are sponsored by:

BEA Systems, Inc.
IBM Corporation
Sun Microsystems, Inc.

XML Daily Newslink:
Newsletter Archive:
Newsletter subscribe:
Newsletter unsubscribe:
Newsletter help:
Cover Pages:

Hosted By
OASIS - Organization for the Advancement of Structured Information Standards

Sponsored By

IBM Corporation
ISIS Papyrus
Microsoft Corporation
Oracle Corporation


XML Daily Newslink
Receive daily news updates from Managing Editor, Robin Cover.

 Newsletter Subscription
 Newsletter Archives
Globe Image

Document URI:  —  Legal stuff
Robin Cover, Editor: