A draft version of Web Services Provisioning (WS-Provisioning) has been presented by IBM/Tivoli as a submission for consideration by the OASIS Provisioning Services TC. The contribution is provided as input to technical work on SPML Version 2, as Service Provisioning Markup Language (SPML) Version 1.0 is currently up for review and ballot as an OASIS Standard. The WS-Provisioning specification "describes the APIs and schemas necessary to facilitate interoperability between provisioning systems and to allow software vendors to provide provisioning facilities in a consistent way. The specification addresses many of the problems faced by provisioning vendors in their use of existing protocols, commonly based on directory concepts, and confronts the challenges involved in provisioning Web Services described using WSDL and XML Schema. WS-Provisioning defines a model for the primary entities and operations common to provisioning systems including the provisioning and de-provisioning of resources, retrieval of target data and target schema information, and provides a mechanism to describe and control the lifecycle of provisioned state." The WS-Provisioning authors envision that the technical work of the OASIS PSTC may at some point converge with the IBM specification.
Web Services Provisioning (WS-Provisioning). By Gearard Woods and Tony Gullotta (IBM). Draft Version 0.7. October 01, 2003. Copyright (c) 2003 International Business Machines Corporation. Schemas and WSDLs: wsp.wsdl, api.xsd, core.xsd, notification.xsd, xml.xsd. Comment from Gerry Woods in connection with the SPML 2.0 Submission: "I've attached the IBM/Tivoli submission for consideration by the committee. It should be noted that the documents contained in this package provide implementations of some general features, such as notifications and asynchronous operations, that may in future take advantage of standardization efforts by other bodies and committees. Portions of the specification may also benefit from ongoing work in the general management standards surrounding Web Services. I'm sure all of the members of the committee agree that the work of the PSTC should comfortably interoperate with these standards in a consistent way..."
From the Draft IBM/Tivoli WS-Provisioning Specification
"WS-Provisioning describes the APIs and schemas necessary to facilitate interoperability between provisioning systems and to allow software vendors to provide provisioning facilities in a consistent way. The specification addresses many of the problems faced by provisioning vendors in their use of existing protocols, commonly based on directory concepts, and confronts the challenges involved in provisioning Web Services described using WSDL and XML Schema."
"This document presents a provisioning service interface that is based on the Web Services Description Language (WSDL) as the interface definition language, the Simple Object Access Protocol (SOAP) as the transport of choice, and XML Schema as the preferred schema description language. These standards are important because some of the most commonly used protocols in provisioning are based on directory standards, such as LDAP and DSMLv2, which have significant limitations. Vendors currently work around these limitations. With the availability and widespread use of Web Services standards, there is an opportunity to create an interface that specifically targets the task of provisioning and promises not only to allow products from different vendors to interoperate seamlessly, but to also describe and manage services built upon these emerging standards."
Related Standards: "There are few widely accepted standards for provisioning. The most important effort to date is probably the work done by the Provisioning Service Technical Committee (PSTC) at OASIS. As part of this effort, the PSTC has defined a set of Use Cases that reflect the operational requirements of a provisioning system. This specification is compatible with those Use Cases."
Use of DSML: "This specification is quite open-ended and makes no assumptions about the schema language used to define the metadata for targets or users. As a later example will show, it is perfectly acceptable to use the schema language defined in DSML (version 1) as the means to communicate metadata within the context of this submission. In fact, a target resource may elect to use multiple schema languages. To illustrate how DSML might be used with this specification, an example is included in the text. DSML version 2 (DSMLv2) is not directly supported by this specification but there is at least one implementation that allows WS-Provisioning to be used with DSMLv2 repositories through the use of the Java Naming and Directory Interface (JNDI)..."
Applicability of this Specification: "This specification is intended to facilitate the communication of provisioning information between the three primary entities involved in the provisioning process: the client, provisioning services (PSPs) and targets. The conventional deployment approach would be to have the PSP act as an aggregator of targets and the client would then communicate only with the PSP. If the ProvisioningService interface described in this specification is implemented by a target such as a software application, then it is possible that clients might address the target directly rather than through a PSP. However, it is unlikely that simple targets will provide some of the higher level features supported by this specification, such as lifecycle management. This specification does not assume a particular deployment architecture..."
Services and Schemas: "The specification describes three service interfaces: (1) The ProvisioningService interface. This corresponds to the PSP described in the PSTC Use Cases. This is the focal point for all provisioning operations, offering the means to determine the target resources that may be provisioned, discover their schema, and perform the actual provisioning and de-provisioning operations. (2) The NotificationService interface. An optional interface which is used to subscribe to and receive provisioning events. (3) The NotificationListener interface. An optional interface used by the Notification service to communicate events. Each service definition is comprised of a number of schemas and interface descriptions. At the root of the specification is the core WS-Provisioning schema that defines the basic data model. On top of the core schema sits an API specification that identifies the basic messages used by the central Provisioning Service. The Notification service has additional schemas which also depend on the core schema..." [excerpted from the v0.7 specification]
About the OASIS Provisioning Services Technical Committee
"The purpose of the OASIS Provisioning Services Technical Committee (PSTC) is to define an XML-based framework for exchanging information between Provisioning Service Points. This framework will be referred to as the Service Provisioning Markup Language (SPML)." See the full Charter for details.
"In late 2001, the OASIS Provisioning Services Technical Committee (PSTC) was formed to define an XML-based framework for exchanging user, resource and service provisioning information. The resulting specification defines the concepts, operations, deployment and XML schema, for an XML based request and response protocol for provisioning."
In June 2003, the OASIS PSTC announced the adoption of three documents as a Committee Specification set for the Service Provisioning Markup Language (SPML). The public review period for SPML (CS) began June 05, 2003 and closed July 05, 2003. In September 2003 the Provisioning Services TC (PSTC) submitted Version 1.0 of the Service Provisioning Markup Language (as an approved Committee Draft) for review and consideration for approval by OASIS members to become an OASIS Standard. A voting period was designated to end on October 31, 2003. See the Version 1.0 Specification Outline for details.
"SPML V1.0 builds upon the work of the Directory Services TC. SPML re-uses some of the concepts and schema elements of the DSML v2.0 specification. In outline it builds upon its basic name/value attribute representation model, as part of the SPML provisioning schema."
"SPML V1.0 supports a model in which senders and receivers of SPML protocol messages agree upon the context of a predefined unique identifier for the provisioning of data. One of the identifier types that SPML supports is a SAML assertion. In summary a SAML assertion may be the unique identifier used to qualify a subject, against which, a specific request is targeted..." [from the Version 1.0 Spec Outline]
SPML Version 1.0 (Committee Specification) URLs:
- Service Provisioning Markup Language (SPML) Version 1.0. June 03, 2003. Core specification document; contains both normative and non-normative description of the 1.0 specification.
- Bindings for the Service Provisioning Markup Language (SPML) Version 1.0. June 03, 2003. Bindings document; contains normative description of SOAP/HTTP and file based transport bindings.
- XML Schema. Contains the definition of message and protocol formats for SPML V1.0.
- WS-Provisioning distribution file. See the file listing for the ZIP archive. Schemas and WSDLs: wsp.wsdl, api.xsd, core.xsd, notification.xsd, xml.xsd.
- "SPML 2.0 Submission." Posting from Gerry Woods (IBM). See the associated ZIP archive.
- Web Services Provisioning (WS-Provisioning). IBM developerWorks, Web services. IBM web site summary. Version 0.7 (or later) is available from this reference page.
- OASIS Provisioning Services TC website
- PSTC FAQ document
- PSTC mailing list archives
Also on Service Provisioning Markup Language (SPML):
- "SPML Provisioning and Identity Management Specification Balloted for Approval."
- Version 1.0 Specification Outline. Balloted for approval as an OASIS Standard.
- "Sun and Waveset Provide Identity Management Solution for PeopleSoft Using SPML"
- "OASIS Member Companies Host SPML Identity Management Interoperability Event"
- "OASIS TC Releases Committee Specifications for Service Provisioning Markup Language (SPML)"
- "OASIS Technical Committee Proposed for Provisioning Services (PSTC)"
- "XML-Based Provisioning Services" - Main reference page.