XML and Web Services In The News - 20 November 2006

Provided by OASIS | Edited by Robin Cover

This issue of XML Daily Newslink is sponsored by BEA Systems, Inc.



HEADLINES:

 XProc: An XML Pipeline Language
 Step By Step: Why XML Pipelines Make Sense
 Last Call Review for Web Services Policy 1.5
 IBM Offers New Single Sign-On Tool for SMBs
 JBoss Sets Sights on Open-Source SOA Supremacy with ESB
 Long View of IT Oversight


XProc: An XML Pipeline Language
Norman Walsh and Alex Milowski (eds.), W3C Technical Report
W3C's XML Processing Model Working Group has released an updated Working Draft for the "XProc: An XML Pipeline Language: specification. Used to control and organize the flow of documents, the XProc language standardizes interactions, inputs and outputs for transformations for the large group of specifications such as XSLT, XML Schema, XInclude and Canonical XML that operate on and produce XML documents. A pipeline consists of components. Like pipelines, components take zero or more XML documents as their input and produce zero or more XML documents as their output. The inputs to a component come from the web, from the pipeline document, from the inputs to the pipeline itself, or from the outputs of other components in the pipeline. The outputs from a component are consumed by other components, are outputs of the pipeline as a whole, or are discarded. Major changes in this version, according to Norm Walsh: (1) The semantics have been rewritten so that they're declarative but without reference to a rather amorphous 'flow graph'; (2) The 'declare-' forms of the input, output, and parameter elements are gone. Depending on the context, those statements are declaring, binding, or declaring-and- binding. (3) The source attribute no longer has two parts, thus, no microparsing.
See also: the Norm Walsh blog

Step By Step: Why XML Pipelines Make Sense
Kurt Cagle, O'Reilly Articles
The idea behind [W3C] XProc is simple enough: you create an XML document that provides 'glue' or conditional bindings for difference processes that can occur in an application. One such 'standard' project for such a language already exists (Ant), and I find it interesting that Ant has been slowly replacing the cryptic and awkward make syntax in an increasing number of applications, only a small portion of which are XML based. Pipelines are the logical mechanism to do that. By encoding them in XML, you can pass the process descriptors to the necessary processors without having to worry about what processing language those processors are using. Pipelines by themselves are fundamentally acyclic - they have definitive endpoints, but a good process flow architect also realizes that by placing two pipelines together what you end up creating is a circuit. If you have a pipeline language that can realistically handle asychronous invocation over the short term (which is a fundamental flaw in Ant, as it is (I believe) a synchronous application) then ultimately the only synchronous points that you need come when one pipeline hands off its results to another pipeline. Pipelines are fundamentally RESTian in nature: they concentrate on the interactions of 'molecular' conduits, and while the characteristics of the individual 'atomic' servers are important, without some formal overriding governor at the molecular level more complex structures become ever harder to build and maintain, and the atoms themselves remain largely isolated.

Last Call Review for Web Services Policy 1.5
Asir Vedamuthu, David Orchard, Maryann Hondo (et al.), W3C Working Draft
W3C has released Last Call Working Drafts for the Web Services Policy 1.5 specification. The Working Drafts were produced by the members of the Web Services Policy Working Group, which is part of the W3C Web Services Activity. The Working Group expects to advance the Working Drafts to Recommendation Status. Comments are welcome through 12-January-2007. The Working Group is tracking all comments via Bugzilla and highly prefers to receive comments via this system. Changes in these drafts include ignorable policy assertions, an Internet media type, and a request for feedback on adding versioning guidance. "Web Services Policy 1.5 - Framework" defines a framework and a model for expressing policies that refer to domain-specific capabilities, requirements, and general characteristics of entities in a Web services-based system. A policy is a collection of policy alternatives, where a policy alternative is a collection of policy assertions. A policy assertion represents an individual requirement, capability, or other property of a behavior. A policy expression is an XML Infoset representation of a policy, either in a normal form or in an equivalent compact form. Some policy assertions specify traditional requirements and capabilities that will ultimately manifest on the wire (e.g., authentication scheme, transport protocol selection). Other policy assertions have no wire manifestation yet are critical to proper service selection and usage (e.g., privacy policy, QoS characteristics). Web Services Policy 1.5 - Framework provides a single policy language to allow both kinds of assertions to be expressed and evaluated in a consistent manner. Web Services Policy 1.5 - Framework does not specify policy discovery or policy attachments. A policy attachment is a mechanism for associating policy with one or more policy scopes, where a policy scope is a collection of policy subjects to which a policy may apply. A policy subject is an entity (e.g., an endpoint, message, resource, interaction) with which a policy can be associated. Other specifications are free to define technology-specific mechanisms for associating policy with various entities and resources. "Web Services Policy 1.5 - Attachment" defines such mechanisms.
See also: the W3C news item

IBM Offers New Single Sign-On Tool for SMBs
Peter Sayer, InfoWorld
IBM has added a new single sign-on tool to its Tivoli software range to make life easier for small and medium-size businesses (SMBs) to link their Web sites with those of partners and customers. Single sign-on tools aim to save users the trouble of remembering separate passwords for each service they use, and simplify life for systems administrators by using a single identity store to control access to multiple services. One advantage of the system for small businesses is that they can use the software to federate their systems with those of their larger partners, leaving the lion's share of the administration to their partners, IBM said. IBM is competing with suppliers such as Microsoft, Sun Microsystems, and RSA Security (now part of EMC) to offer federated identity management tools. But IBM is also cooperating with those companies, and others, to develop standards to enable communication between them — a necessity if identity management is to be truly "federated." The Tivoli software uses SAML (Security Assertions Markup Language) version 1.0 and 1.1, WS-Federation (Web Services-Federation) and WS-Trust to communicate with identity providers and service providers. Based on IBM's WebSphere Application Server 6.1, Federated Identity Manager Business Gateway can connect to applications built with J2EE (Java 2 Enterprise Edition) or Microsoft's .Net.

JBoss Sets Sights on Open-Source SOA Supremacy with ESB
Darryl K. Taft, eWEEK
At JBoss World Berlin, the company's annual European conference, JBoss, a division of Red Hat, flexed its middleware muscle and made a series of announcements aimed at making Red Hat the place to go for the premier open-source SOA platform. The company announced its new JBoss ESB (Enterprise Service Bus), which rounds out the JEMS (JBoss Enterprise Middleware Suite). In addition, JBoss announced new features expected to appear in the next version of its popular application server, JBoss Application Server 5.0, and Red Hat announced plans to combine a virtualized operating system with its set of building blocks for SOA as a strategy for creating greater value for the company's customers next year. JBoss officials said the ESB technology comes with a three-year track record in handling complex integration and real-time events in a mission-critical business environment with 3,000 employees across 40 locations serving 2 million customers. In addition, the new JBoss ESB leverages other JEMS technologies, such as the JBoss Rules business rules engine for content-based routing and JBossMQ for messaging. Over time, JBoss plans to extend JBoss ESB with additional JEMS products such as the JBoss jBPM business process management and workflow engine, the company said. And the company will work with partners to expand the JBoss ESB with complementary technologies.

Long View of IT Oversight
Joab Jackson, Government Computer News
Like all agencies, the Food and Drug Administration faces the challenge of getting a handle on its many IT purchases. These acquisitions stretch across numerous programs and dozens of technologies. To ease the task of understanding and analyzing such investments, FDA's Office of the Chief Information Officer uses portfolio management software. For FDA, switching the data over to portfolio management software was initially a chore. Office personnel first took all the existing spreadsheets and documents and cut and pasted the information into the program. Since that first year, though, the information arrives at the data repository directly from the program officials themselves, because the data can be entered via Web browser. For portfolio management, the office used ProSight Portfolios, and a number of related products from ProSight Inc. of Portland, Ore. The package can correlate all that Exhibit 300 information. Once all the input data is gathered, the software generates a full XML Exhibit 300 report, ready to submit to OMB. In addition, the software can channel the data through live executive dashboards, showing the metrics in pie charts, score cards and other data formats. IT portfolio management went far beyond tidying up the Exhibit 300 process, though. The software also allows the office to double-check how well IT investments align with its own business goals. It also helps FDA make more strategic IT purchasing decisions.
See also: Exhibit 300 XML Schema


XML.org is an OASIS Information Channel sponsored by BEA Systems, Inc., IBM Corporation, Innodata Isogen, SAP AG and Sun Microsystems, Inc.

Use http://www.oasis-open.org/mlmanage to unsubscribe or change an email address. See http://xml.org/xml/news_market.shtml for the list archives.


Bottom Gear Image