This issue of XML Daily Newslink is sponsored by:
BEA Systems, Inc. http://www.bea.com
- OASIS Forms Web Services Federation (WSFED) Technical Committee
- WS-Federation 1.1 Embodies Lessons Learned from Shipping Products
- Progress Sonic BPEL Server Delivered in Sonic ESB 7.5
- Secure, Reliable Web Services with Apache
- W3C Publishes Five Scalable Vector Graphics (SVG) Working Drafts
- ITC Standard Setting Today: A System Under Stress
- The Challenges of Latency
OASIS Forms Web Services Federation (WSFED) Technical Committee
Staff, OASIS Announcement
On May 02, 2007, OASIS announced that members of the consortium had formed a new committee to advance the WS-Federation specification through the international standards process. WS-Federation aims to extend the scope of identity management, enabling federations of trust. Version 1.1 of the specification, which was created by a cooperative of eight companies, will be contributed to the new OASIS WS-Federation Technical Committee for advancement and input from the broader community. The OASIS WS-Federation Technical Committee will work to simplify interactions between the participants of a federation. The group will advance capabilities for structuring and acquiring federation metadata, sign-out notifications, and the use of pseudonym and identity mapping and attribute services. In addition, the Committee will enable brokered trust relationships and distributed authentication and authorization to be used in browser-based scenarios. The WS-Federation Technical Committee will operate under the Royalty Free on RAND Terms mode, as defined by the OASIS Intellectual Property Rights Policy. Paul Cotton of Microsoft, convener of the OASIS WS-Federation Technical Committee: "Organizations and business partners will be able to collaborate more safely and smoothly with WS-Federation. Today, it often takes weeks for a company to set up user accounts and access privileges to enable their partner organizations' staff to safely gain access to shared materials. When a project is complete, all that time and effort must be repeated in order to revoke the partner's accounts. WS-Federation allows user accounts to continue to be owned, stored, and managed by the users' companies, and shared as needed with partner organizations, instead of relinquishing control to them or creating duplicate copies."
WS-Federation 1.1 Embodies Lessons Learned from Shipping Products
Don Schmidt, Blog
"Why is WS-Federation being republished and proposed for standardization now? The original version of the WS-Federation specification was developed through open workshops and vendor interoperability testing, in keeping with the WS-* Specification Process. When WS-Federation 1.0, was published in July 2003 we anticipated two distinct types of federation clients, Active and Passive Requestors. At that time our focus was on Web Single Sign-on (Web SSO) for browser clients and web applications, so we drafted a profile for passive requestors. Driven by customer demand for Web SSO solutions, numerous vendors built prototypes based on this fledgling profile. There was one defining event which convinced many of us that it was time to develop commercial products. This was the Multiprotocol Federation Interoperability Demonstration hosted by the Burton Group at their Catalyst Conference North America in July, 2005. Today many vendors are shipping (or have announced development of) Web SSO products based on WS-Federation 1.0... The computer, security and identity industries have come to greatly improve their understanding of the ways in which identity information is most effectively federated. Customer experience has indicated that an Active Requestor Profile is not required; SOAP requestors can use the WS-Trust protocol directly. Since support for browser-only clients is such a small part of WS-Federation, a separate Passive Requestor Profile is no longer warranted... At the previously mentioned Catalyst Conference, Microsoft and IBM announced plans to submit three WS-* specifications, WS-Trust, WS-SecureConversation and WS-SecurityPolicy, to OASIS. The ratification of these specifications as OASIS standards is almost complete..."
See also: WS-Federation and SAML 2.0
Progress Sonic BPEL Server Delivered in Sonic ESB 7.5
Staff, Progress Software Announcement
Progress Software Corporation, a global supplier of application infrastructure software used to develop, deploy, integrate and manage business applications, has announced the immediate availability of Progress Sonic ESB 7.5. This release adds full WS-BPEL 2.0 support to the Sonic ESB Product Family with the new Sonic BPEL Server. In addition, it provides SOA management and common data model management through integration with the Progress Actional and Progress DataXtend Semantic Integrator (SI) products. The Progress Sonic BPEL Server adds sophisticated, standards-based service orchestration to the intelligent routing capabilities of Sonic ESB. It improves developer productivity by simplifying the building, testing and deployment of sophisticated service orchestration that integrates with heterogeneous end-points throughout the enterprise. Through the drag-and-drop graphical user interface of the Eclipse-based Progress Sonic Workbench development environment, the Sonic BPEL Server enables service composition and event correlation with zero programming. In addition, Sonic's patent-pending distributed debugging technology supports integrated development, testing and debugging of distributed BPEL orchestration, intelligent routing, and integration services. Sonic ESB 7.5 also introduces development and runtime integration with Progress DataXtend SI, which dramatically simplifies common data model lifecycle management, transformation and validation. It integrates with Sonic ESB development and runtime, leveraging common Eclipse-based tooling and the ability to deploy semantic services in ESB containers. As Sonic ESB helps organizations eliminate rigid architectures of point-to-point service connections, DataXtend SI solves the problem of point-to-point data transformations, making it much easier to integrate data and evolve an SOA with diverse connected systems.
See also: the datasheet
Secure, Reliable Web Services with Apache
Kyle Gabhart, XML.com
Open source computing has gained a tremendous degree of momentum in the last few years. Nowhere is this more evident than in the area of web services and Service-Oriented Architecture (SOA). The Apache Foundation alone has more than 20 SOA/WS projects. One of the common obstacles for large enterprises to adopt open source solutions for key systems is the lack of administrative infrastructure and standardized glue for pulling together complementary projects. Essentially, the lack of a true open source "platform", along with professional consulting and training services, limits more extensive adoption of open source technology. One group that has successfully addressed this open source platform gap is the JBoss Group. Until recently, however, no such group existed to establish a platform around Apache SOA projects. Enter WSO2 (WS "Oh" 2). This article introduces the WSO2 platform by looking at two key features—security and reliable messaging. We will begin with an examination of the relevant WS-* standards (WS-ReliableMessaging, WS-Security, WS-SecureConversation, and WS-Trust) followed by a peek into the related Apache projects. Then we will proceed to explore the value-add that WSO2 provides above and beyond the basic Apache projects.
See also: Reliable Messaging
W3C Publishes Five Scalable Vector Graphics (SVG) Working Drafts
Staff, W3C Announcement
W3C's SVG Working Group has published five Working Drafts for version 1.2 of the Scalable Vector Graphics (SVG) standard. Three of the Working Drafts extend the language to add raster effects like drop shadows. First Public Working Drafts include: SVG Filter Requirements, SVG Filters 1.2 Primer, and SVG Filters 1.2 Language. Previously part of SVG 1.1 but published here as an independent module, SVG Filters are used to process images before they are displayed. These filter effects are defined in XML for SVG and can be used in other environments such as HTML styled with CSS, or XSL:FO. Updated Working Drafts include SVG Print 1.2 Primer and Language, which extend the language for multiple page and color management support. SVG provides interactive vector graphics, text, images, animation and graphical applications in XML.
See also: the W3C news item
ITC Standard Setting Today: A System Under Stress
Andrew Updegrove, Consortium Standards Bulletin
The modern standards development infrastructure is largely the product of the industrial age, and evolved to address the needs of such an economy. The requirements of a world that is increasingly based upon information and communications technology, however, are far different, and include demands for faster standards development, more vulnerability to uncooperative owners of necessary patent claims, and a greater need for universal, global adoption of core enabling standards. These needs have been partially addressed through several organic developments, such as the proliferation of consortia, the evolution of more detailed intellectual property rights policies, and the passage of the World Trade Organization's Technical Barriers to Trade Act. But the advent of the Internet and the Web, and the continuing introduction of new ICT-based products and services in ever shorter and more frequent product cycles, are exposing the fact that a system that retains strong roots in the 19th century is ill-suited to meet the demands of the 21st. In this article, I survey some of the areas of inadequacy inherent in the current system, the ways in which society is being impacted by new standards-dependent technologies, and the situations in which governments may feel called upon to intervene.
The Challenges of Latency
Dan Pritchett, InfoQ
Latency: the time it takes packets to flow from one part of the world to another. Everyone knows it exists. The second fallacy of distributed computing is "Latency is zero". Yet so many designs attempt to work around latency instead of embracing it. This is unfortunate and in fact doesn't work for large-scale systems. Why? In any large-scale system, there are a few inescapable facts: (1) A broad customer base will demand reasonably consistent performance across the globe; (2) Business continuity will demand geographic diversity in your deployments; (3) The speed of light isn't going to change. The last point can't be emphasized enough. The speed of light dictates that even if we can route packets at the speed of light, seems unlikely, it will take 30ms for a packet to traverse the Atlantic... You can decompose your applications into a collection of loosely coupled components; expose your services using asynchronous interfaces, and yet still leave yourself parked in one data center with little hope of escape. You have to tackle your persistence model early in your architecture and require that data can be split along both functional and scale vectors or you will not be able to distribute your architecture across geographies. Splitting data is more complex than splitting applications. But if you don't do it at the beginning, applications will ultimately take short cuts that rely on a monolithic schema. These dependencies will be extremely difficult to break in the future...
XML Daily Newslink and Cover Pages are sponsored by:
|BEA Systems, Inc.
|Sun Microsystems, Inc.
XML Daily Newslink: http://xml.coverpages.org/newsletter.html
Newsletter Archive: http://xml.coverpages.org/newsletterArchive.html
Newsletter subscribe: firstname.lastname@example.org
Newsletter unsubscribe: email@example.com
Newsletter help: firstname.lastname@example.org
Cover Pages: http://xml.coverpages.org/