This issue of XML Daily Newslink is sponsored by:
SAP AG http://www.sap.com
Open Geospatial Consortium Announces New Automated Compliance Tests
Staff, OGC Announcement
The Open Geospatial Consortium, Inc. (OGC) membership has adopted new test suites, test scripts and reference implementations for OpenGIS Specifications. A new TEAM Engine (Test, Evaluation, and Measurement Engine) and Compliance Test Language were adopted as the OGC's official new compliance testing platform. These new free tests and testing software enable technology providers to confirm that their products are compliant with OpenGIS standards. Providers can then submit products for certification. Certified products can carry the OGC 'Certified Compliant' mark to formally signify adherence to OGC standards. Test suites were adopted for the following OpenGIS implementation specifications: (1) Web Map Service (WMS) 1.3.0; (2) Web Feature Service (WFS) with Filter Encoding 1.1.0; (3) Geography Markup Language (GML) Simple Features SF 1.0; (4) Catalog Services - Web (CS/W) 2.0.1; (5) Web Map Context (WMC) 1.1.0; (6) GeoRSS GML. To assist programmers in developing solutions, open source reference implementations were adopted for: WMS 1.3.0, CS/W 2.0.1, and WFS 1.1.0. Developers can download the TEAM Engine to test their implementations of the OGC's OpenGIS implementation specifications in the developers' own environments. The TEAM Engine, an open source program developed by Northrop Grumman, and the test suites and reference implementations, contributed by other OGC members, were among the results of the OGC's fourth OGC Web Services test bed activity (OWS-4).
See also: "Geography Markup Language (GML)
NETCONF Access Control Profile for XACML
Ludwig Seitz and Erik Rissanen (eds), IETF Internet Draft
The NETCONF remote network configuration protocol currently lacks an access control model. The NETCONF protocol RFC (RFC 4741) specifies in its Section 9 Security Considerations that "This document does not specify an authorization scheme, ... Implementors SHOULD provide a comprehensive authorization scheme with NETCONF". The need for such a model has be recognized within the NETCONF working group. The Extensible Access Control Markup Language (XACML) is an XML-based access control standard, with widespread acceptance from the industry and good open-source support. This document proposes a profile that defines how to use XACML to provide fine-grain access control for NETCONF commands. The reasons why the use of XACML is suggested are the following: (1) XACML is an open standard that has been developed by an industry consortium; (2) XACML is an XML based approach, that is well adapted to the authorization challenges encountered within NETCONF; (3) XACML is widely accepted and used in a number of commercial products; (4) Open-source implementations of the XACML standard are readily available. The memo defines how a PEP should generate a XACML request from a RPC carrying a NETCONF operation. The response to this request determines whether the RPC is processed or discarded. Furthermore this profile defines how policies corresponding to permissions about a specific NETCONF operation on specific data should be formulated.
See also: XACML references
Faster Data Transport Means Faster Web Services with MTOM/XOP
Young Yang, DevX.com
The technologies of Message Transmission Optimization Mechanism (MTOM) and XML-Binary Optimized Packaging (XOP) are concerned with the fundamental issue of binary data transmission, which is of great importance to web service performance. Since becoming W3C standards in 2005, XOP and MTOM have been quickly and widely adopted in next-generation SOAP engines. In hindsight, one has to wonder why they were not proposed earlier in the development of web services or as part of the original SOAP specification. This article introduces MTOM and XOP, discusses the problems they address, and then uses an example to demonstrate how to work with them in JAX-WS 2.0. XOP extracts binary data in an XML document and serializes them into packages located inside an extensible packaging format such as MIME Multipart/Related. The new XML document marks the locations of those binary data packages with special elements that contain URI identifying the corresponding location. MTOM provides a concrete implementation for using XOP to optimize the transmission and/or wire format of SOAP messages. It describes how to serialize a SOAP envelope using the XOP format and MIME Multipart/Related packaging (note that MIME Multipart/Related is not required in XOP). Following the rules specified, MTOM serializes a SOAP message into a MIME Multipart/Related XOP package with one body part (the root) that contains an XML representation of the modified SOAP envelope and additional parts that contain the binary representation of each element of the xs:base64Binary type. With MTOM, deserialization of this transferred SOAP message follows the standard XOP approach. MTOM further specifies a concrete implementation of this mechanism for SOAP HTTP binding. For example, it requires placing the MIME headers of the resulting MIME Multipart/Related XOP package in HTTP headers and the rest of the package into the HTTP body. The next version of JAX-WS (2.1.1) standardizes the feature of setting thresholds to enable MTOM only for large-sized data. It also will feature two new annotations (@javax.xml.ws.Feature and @javax.xml.ws.FeatureParameter) for easily configuring MTOM support.
Layer 7 Introduces Virtual SOA Appliance
Tony Baer, Computer Business Review Online
Layer 7 Technologies, which makes a variety of appliance and software-based XML firewalls, is adding virtualization to the mix. The result is that the software version of Layer 7's appliance becomes more compelling because you could now cram it into a VMware partition. The idea is to add more flexibility to the job of parsing, threat prevention, and mediating XML messages so you could ramp up capacity on demand. By supporting real-time download and support, you could conceivably activate XML firewall capabilities on a moment's notice, although that strategy would only work if you've already been through the configuration process with other instances of the firewall. Advertisement For scalability, the new virtual appliance supports clustering, so it could run as a virtual partition in one or more nodes, and it can run in multi-tenant data centers that are already relying on virtualization. At some point virtualization was bound to hit the world of XML processing. It's been coming to the components that surround the XML layer, as providers like IBM, Oracle, and BEA proffer virtualization strategies for their Java middle tier platforms.
Backbase to Offer AJAX Tools For iPhone
Andy Patrizio, InternetNews.com
XML Daily Newslink and Cover Pages are sponsored by:
|BEA Systems, Inc.||http://www.bea.com|
|Sun Microsystems, Inc.||http://sun.com|
XML Daily Newslink: http://xml.coverpages.org/newsletter.html
Newsletter Archive: http://xml.coverpages.org/newsletterArchive.html
Newsletter subscribe: firstname.lastname@example.org
Newsletter unsubscribe: email@example.com
Newsletter help: firstname.lastname@example.org
Cover Pages: http://xml.coverpages.org/