XML and Web Services In The News - 22 January 2007

Provided by OASIS | Edited by Robin Cover

This issue of XML Daily Newslink is sponsored by Sun Microsystems



HEADLINES:

 Enhancements to B2MML Now Available for Review
 Introduction to Ajax for Page Authors
 OSDL, Free Standards Group Merge to Form Linux Foundation
 WS-ResourceTransfer Update
 An Interesting Offer: Get Paid to Contribute to Wikipedia
 Making XML in a Rails App
 OpenID and SAML: A Swirling Nexus
 Comparison: OpenID and SAML
 Sun Jumps On
 Crossing Borders: Closures


Enhancements to B2MML Now Available for Review
Editorial Team, Processingtalk.com
WBF and ISA have announced that the Business To Manufacturing Markup Language (B2MML) v04 Release Candidate 2 schemas and documentation are now available on the WBF XML Working Group internal website. This represents a major enhancement of B2MML; including support for ISA-95 Part 5 Transactions, OAGIS messages and UN/Cefact core components while still maintaining backward compatibility to V0300. Documents are available for review until February 9, 2007. This version includes several major enhancements including: 1) Support for ISA-95 Part 5 Transactions has been added to support a wider range of integration problems. 2) Message headers, commands, and formats are consistent with OAGIS transaction message formats, significantly reducing end user and vendor costs for system integration. 3) Support for UN/Cefact Core Components aids in interoperability with other XML vocabularies, such as the OAGIS 9.0 schemas. B2MML was developed by the WBF XML Working Group to provide manufacturing companies with a freely available XML Schema implementation of the ISA-95 Enterprise - Control System Integration Standard. The ISA-95 standard provides models and terminology to standardise the integration of enterprise systems and manufacturing control systems. The standard has been adopted by manufacturing companies as a framework for planning and designing integration projects. B2MML provides an IT ready implementation of the ISA-95 standard and has become the defacto implementation vehicle for ISA-95 based projects. The consistency of the ISA-95 and OAGIS transactions is an example of the continued impact of the Manufacturing Interoperability Guideline Working Group, a collaborative effort between OAGI, WBF, ISA, MIMOSA, and OPC Foundation. The objective of the Manufacturing Interoperability Guideline Working Group is to develop an industry guideline that defines generic business process models between the operations management and business layers of the manufacturing support system. WBF and ISA are also members of The Automation Federation, an umbrella organization under which associations and societies engaged in manufacturing and process automation activities can work more effectively to fulfill their missions.
See also: the B2MML web site

Introduction to Ajax for Page Authors
Ed Ort, Sun Developer Article
Ajax is currently the primary technique for driving the high responsiveness and interactivity of some of the most popular applications on the web such as Google Maps and Flickr. These applications are representative of a new generation of highly responsive, highly interactive web applications, referred to as Web 2.0 applications, that often involve users collaborating online and sharing content. Ajax has different implications for developers working in different roles. For example, component developers creating custom components for web applications build Ajax functionality into the design. Page authors use these Ajax components, along with widgets, JavaScript technology, and other techniques, to incorporate Ajax functionality into their web applications. Ajax impacts other roles too. For example, enterprise application developers need to add logic in server-side components to handle Ajax-related requests directed to the server. You can add Ajax functionality to a web page in many ways. In general, these approaches vary in the amount of JavaScript code you need to incorporate into the page. Some approaches, such as using Ajax-enabled JavaServer Faces components, encapsulate the JavaScript code in the component, so you don't have to do any JavaScript coding. Other approaches, such as using widgets from the Dojo toolkit, provide some of the JavaScript code. In still other approaches, you do most or all of the JavaScript coding. Choose the approach or combination of approaches that best fits the functional requirements of your web application and with which you're most comfortable. This article focuses on page authors and describes various techniques that you can use to add Ajax functionality to a web page.

OSDL, Free Standards Group Merge to Form Linux Foundation
China Martens, InfoWorld
The two main evangelizers of the Linux operating system, Open Source Development Labs (OSDL) and the Free Standards Group (FSG) are merging to form the Linux Foundation. The two industry consortiums announced that they're in the final stages of combining their respective operations, according to Jim Zemlin, who will head the Linux Foundation. He was the FSG's executive director. With Linux now an established operating system presence for embedded, desktop and server systems, the primary evangelizing mission that the OSDL and FSG embarked upon in 2000 has come to an end, Zemlin said. The focus for the foundation going forward is on what the organization can do to help the Linux community more effectively compete with its primary operating system rival Microsoft. Interoperability is a key area to work on as is backward compatibility between newer and older Linux releases, Zemlin said. At the same time, the foundation will look to expand the legal protection it offers developers and continue to provide a "safe haven" for Linux kernel developers, including the creator of the operating system Linus Torvalds. Within the open-source community, the establishments of foundations to act as focal points to work on particular areas of technologies is an ongoing trend. The intention is that the Linux Foundation will become the go-to place for Linux development in the same way that the Eclipse Foundation is already the center of tools development, the Apache Software Foundation the hub of Web server and middleware work and Mozilla Foundation the heart of browser and Web interface creation. The OSDL and FSG always worked closely together and had discussed merging on several occasions. There was a fair amount of overlap in members between the OSDL and FSG. The Linux Foundation staffed by 45 full-time employees and contractors will begin life with some 70 members including software vendors such as Hewlett-Packard, IBM, Novell, Oracle, and Red Hat as well as universities and end users.
See also: the announcement

WS-ResourceTransfer Update
Ian Robinson, Blog
In 2006 IBM, Microsoft, HP and Intel announced an initiative to unify the WSDM and WS-Management standards supporting service management. This initiative includes the unification of the infrastructure that underpins WSDM and WS-Management. I'm the editor of the first specification published (in August 2006) as part of that initiative — WS-ResourceTransfer (WS-RT) — which defines a Web service retrieval and update protocol for manageable resources. This specification took as its inputs the WS-Transfer W3C member submission and the WS-ResourceFramework (WSRF) OASIS standard; our goal is to bring together the two communities using these specifications, and those that build on them, At the time of writing the most recent activity on this specification was the public feedback workshop held in Cupertino, CA, on 6 December 2006. The feedback we received was generally very positive and will be factored in a future revision of this specification. A foilset that describes the WS-RT specification and the feedback we received is available through the WS-RT Workshop YahooGroup web site.
See also: WS-RT references

An Interesting Offer: Get Paid to Contribute to Wikipedia
Rick Jelliffe, O'Reilly Opinion
I was a little surprised to receive email a couple of days ago from Microsoft saying they wanted to contract someone independent but friendly (me) for a couple of days to provide more balance on Wikipedia concerning ODF/OOXML. I am hardly the poster boy of Microsoft partisanship! Apparently they are frustrated at the amount of spin from some ODF stakeholders on Wikipedia and blogs. I think I'll accept it: FUD enrages me and MS certainly are not hiring me to add any pro-MS FUD, just to correct any errors I see. If anyone sees any examples of incorrect statements on Wikipedia or other similar forums in the next few weeks, please let me know: whether anti-OOXML or anti-ODF. In fact, I already had added some material to Wikipedia several months ago, so it is not something new, so I'll spend a couple of days mythbusting and adding more information. Just scanning quickly the Wikipedia entry for OOXML, I see one example straight away: The OOXML specification requires conforming implementations to accept and understand various legacy office applications . But the conformance section to the ISO standard (which is only about page four) specifies conformance in terms of being able to accept the grammar, use the standard semantics for the bits you implement, and document where you do something different. The bits you don't implement are no-one's business. So that entry is simply wrong. Now I certainly think there are some good issues to consider with ODF versus OOXML, and it is good that they come out an get discussed. As I have mentioned before on this blog, I think OOXML has attributes that distinguish it: ODF has simply not been designed with the goal of being able to represent all the information possible in an MS Office document; this makes it poorer for archiving but paradoxically may make it better for level-playing-field, inter-organization document interchange. But the archiving community deserves support just as much as the document distribution community. And XHTML is better than both for simple documents. And PDF still has a role. And specific markup trumps all of them, where it is possible. So I think there are distinguishing features for OOXML, and one of the more political issues is do we want to encourage and reward MS for taking the step of opening up their file formats, at last?

Making XML in a Rails App
Deepak Vohra, XML.com
Ruby on Rails is a database-based web framework. An XML document may be created and parsed with Ruby on Rails. Rails provides a Ruby library called Builder to generate XML markup. The Builder package contains class Builder::XmlMarkup to generate an XML document. In this article, we will create an XML document from a database table with the Builder library. Before installing Builder, we need to install the Ruby on Rails framework and RubyGems, the standard Ruby package manager. We also need to install the MySQL database for creating an XML document from the database. Then we will create an XML document from a database table as a Rails application.

OpenID and SAML: A Swirling Nexus
Eve Maler, XML Grrl Blog
A bunch of us who are involved in OpenID, SAML, XRI, and Liberty identity web services took advantage of our relative proximity this past week and got together just prior to the Portland OpenID Mashpit to discuss the proposition: Where and how can we move from incompatibility to convergence? Besides myself, on hand were gracious JanRain host Scott Kveton, his colleague Jason McKerr (who ably talked me and my car down from a precarious position on a steep icy street), RL "Bob" Morgan of Shibboleth fame, OpenID maven David Recordon, XRI guru Drummond Reed, his colleague (and my fellow songwriter) Laurie Rae, and SAMLista Jeff Hodges of Neustar. I hope these folks will speak up to correct any details I've gotten wrong here. I've supplemented with a ton of links that weren't in my original notes so as to make this post as directly useful as possible... There are lots of reasons to be striving for better compatibility and more convergence. SAML and Liberty technologies have deliberately stayed the heck away from questions of user experience, which OpenID is exploring in rapid, consensus-driven fashion as an essential part of its innovations around web-friendly identifiers. OpenID has deliberately stayed the heck away from being a trust system, a challenge that Liberty has met head-on with technology, public policy, and business needs in mind. The growth curve of OpenID has been truly staggering, but in the realm of lightly protected data and lightweight applications so far. SAML and Liberty have an adoption pattern that is both deep and wide, but is typically enterprise-heavy and not intended for "promiscuous" open-Internet use (though there are notable exceptions, such as ProtectNetwork and OpenIdP). OpenID has already been through a convergence trend, incorporating XRI and Yadis and being influenced by several other systems. SAML has done the same, with Shibboleth profiles and Liberty's federation work ultimately coming to rest in SAML2. A lot of complementarity here, yes? There are some jobs they both tackle to varying degrees today — namely identity provider discovery, service metadata, and authentication services — though their knobs and dials for security and ease of deployment are tuned to different settings.

Comparison: OpenID and SAML
Jeff Hodges, Draft Technical Report Version -00
This document presents a brief comparison of OpenID and SAML. For the most part, the comparison is between OpenID 2.0 and SAML 2.0, although there are some mentions of prior versions of each. The comparison addresses technical features, breadth of addressed use cases, and attributes of the specification sets. OpenID, both 1.X and 2.0, and SAML 1.X and 2.0, offer functionality quite similar to each other. Obvious differentiators are the message encodings, security mechanisms, and overall profile flows — OpenID specifies a flow that no present single SAML profile congruently matches. However, we note that it is distinctly possible to relatively easily craft a new SAML profile that incorporates the deltas between OpenID and, say, the SAML Web Browser SSO profile. At the time of writing this document, OpenID 2.0 was a draft specification set. There are claimed to be multiple alpha/beta implementations; SAML 2.0 was approved as an OASIS Standard in March 2005. There are multiple certified interoperable implementations including at least two open source ones. OpenID 2.0 specifies a concrete web SSO protocol, IDP discovery protocol, principal identifier format, an extensibility mechanism (e.g. for attribute exchange), security considerations, and backwards compatibility in a single draft specification. SAML specifies an abstract extensible security assertion and an abstract extensible request-response protocol via XML schemas, in one specification, the SAML "core"; SAML protocol bindings and concrete profiles are defined in further specifications in the spec set. The OpenID specfication does not explicitly support profiling in the sense that the SAML specification set does. The OpenID specification set is concretely bound to HTTP and concretely defines a single web SSO profile. However, it does feature a simple extensibility mechanism, supporting definition of specific data query and response for name/value pairs. Concrete SAML profiles — one per each specific use-case, e.g., Vanilla web browser SSO, enhanced-client SSO, IDP discovery, Single Logout, name identifier management and mapping, assertion query/response, attribute query/response — are specified in the "SAML profiles" specification. Note that SAML profiles are specified using, or "on top of" SAML bindings. A given profile may be designed to utilize more than one binding, e.g., the Web SSO profile, or may be designed to use just one particular binding, e.g. as the SAML Lightweight Web Browser SSO (lSSO) Profile.
See also: the OASIS SSTC

Sun Jumps On
Robert Mullins, InfoWorld.com
Sun Microsystems is joining in the pricing pig pile atop Red Hat, the leading Linux software company. Sun said last week that it will join the likes of Oracle and Microsoft to challenge Red Hat's open source dominance. Sun's strategy includes support for its free download of Solaris 10, a Unix-based operating system, that will cost 40 percent to 50 percent less than comparable support for Red Hat's Linux operating system. Red Hat, the largest Linux distributor, has faced other price competition of late, notably an October move by database software company Oracle. In November, operating system giant Microsoft aligned itself with Novell, a rival Linux distributor to Red Hat. Sun's Solaris annual support contracts range from $240 to $1,180 for one- or two-socket x86 servers, depending on whether the buyer chooses the 'basic' or 'premium' plan. Red Hat Linux ES basic goes for $349 per year, per system, and Red Hat Linux AS premium costs $2,499. Sun is competing on value, not just price, said Rich Green, executive vice president of Sun's software division: "We wouldn't be working at a loss, I assure you; the scale and volume that we have allows us to place bets on what we would need to support them." Green also dismissed published reports that Sun was considering releasing Solaris under the GNU General Public License Version 3, clearing the way for integrations with other open source projects.
See also: the announcement

Crossing Borders: Closures
Bruce Tate, IBM developerWorks
Closures are blocks of code that can be used as arguments to functions and methods. The programming construct has long been a staple of languages such as Lisp, Smalltalk, and Haskell. The Java community has resisted closures so far, even as competing languages such as C# add them. This article explores whether closures represent unnecessary complexity for a language for a little convenience, or something more. Some believe that the extra complexity that closures will add to the language is not worth it. Their argument is that a little convenience is not worth the price of corrupting the simplicity of syntactic sugar. Others believe that closures will enable a new wave of design patterns. Ultimately, for the best possible answers to the question, you need to cross borders to learn how programmers use closures in other languages. In the past, closures were never a serious priority for Java developers. In the early years, the Java designers did not support closures because Java users were skittish about automatically allocating the variables on the heap without an explicit new. Today, a tremendous debate circulates around including closures into the base language. In recent years, practical interest in dynamic languages such as Ruby, JavaScript, and even Lisp has led to a groundswell of support for closures in the Java language. It looks like we'll finally get closures in Java 1.7.


XML.org is an OASIS Information Channel sponsored by BEA Systems, Inc., IBM Corporation, Innodata Isogen, SAP AG and Sun Microsystems, Inc.

Use http://www.oasis-open.org/mlmanage to unsubscribe or change an email address. See http://xml.org/xml/news_market.shtml for the list archives.


Bottom Gear Image