XML Daily Newslink. Tuesday, 12 December 2006

[Robin Cover <robin@oasis-open.org>]

XML Daily Newslink. Tuesday, 12 December 2006
A Cover Pages Publication http://xml.coverpages.org/
Provided by OASIS http://www.oasis-open.org
Edited by Robin Cover

====================================================

This issue of XML Daily Newslink is sponsored by
SAP AG  http://www.sap.com

====================================================

HEADLINES:

* WS-I Releases Profiles and Usage Scenarios for Public Review
* Interview: Pete Lacey Criticizes Web Services
* OASIS Opens New Discussion List for DITA S1000D Interoperability TC
* Active Endpoints Supports WS-BPEL 2.0
* Intalio Takes Business Process Suite Open-Source
* Standardised Namespaces for XML Infosets in OGF
* ORM with DrySQL and ActiveRecord
* XForms 1.1: Updated W3C Working Draft
* CardSpace: Microsoft's Latest for Identity Management
* Increasing MOM Flexibility with Portable Rule Bases

----------------------------------------------------------------------

WS-I Releases Profiles and Usage Scenarios for Public Review
Staff, WS-I Announcement

The Web Services Interoperability Organization (WS-I) has announced
the publication of three new Working Group Drafts: the "Basic Profile
1.2", "Basic Security Profile 1.1", and the "Reliable Secure Profile
1.0 Usage Scenarios." Advancement of these documents to Working Group
Draft status is an invitation to the Web services community to provide
technical feedback. The Basic Profile 1.2 is a revision of the Basic
Profile 1.1, incorporating errata to date and includes requirements
related to the serialization of envelopes and their representation in
messages from the Simple SOAP Binding Profile 1.0. The WS-I Basic
Profile 1.2 is primarily constructed using WS-Addressing which defines
a standard mechanism for identifying and exchanging Web services
messages between multiple endpoints. The newly chartered Reliable
Secure Profile Working Group has released a Working Group Draft of the
Reliable Secure Profile 1.0 Usage Scenarios for public review. The
Reliable Secure Profile 1.0 will deliver interoperability guidance to
Web services architects and developers to securely deliver messages
reliably between distributed applications in the presence of software
component, system, or network failures. The published Usage Scenarios
illustrate the use of the Reliable Secure Profile 1.0 and how it can
be applied or composed with other profiles and specifications across
a wide range of Web services applications (e.g., mobile, devices,
intermediaries, enterprise applications, etc.). The Usage Scenarios
focus on the specific scenarios that exhibit fundamental
interoperability issues and that require implementation guidance. In
concert with the current work to finalize the Basic Security Profile
1.0, to be released as Final Material in the first quarter, the Basic
Security Profile Working Group has released a Working Group Draft of
the Basic Security Profile 1.1. The Basic Security Profile 1.1 is a
revision of the Basic Security Profile 1.0 and incorporates any errata
to date and profiles WS-Security 1.1 and the WS-Security 1.1 token
profiles, including Username, X.509, REL, Kerberos, and SAML

http://xml.coverpages.org/WSI-20061211.html
See also WS-I references: http://xml.coverpages.org/ws-i.html

----------------------------------------------------------------------

Interview: Pete Lacey Criticizes Web Services
Stefan Tilkov, InfoQ

In this interview, Pete Lacey talks about the problems he sees with
Web services, including basic technologies such as SOAP, WSDL and UDDI,
as well as advanced standards from the WS-* family. Excerpt: "Taking
the SOAP 1.1 specification in isolation, my position on it is that it
went too far. Had SOAP simply defined an envelope for XML message
passing it would have been a small but interesting step forward. But
the SOAP spec also defines an -- admittedly optional -- serialization
mechanism; goes out of its way to be transport neutral, but then
defines an HTTP binding that ignores the basic tenets of HTTP; and
goes on to define a practice for using SOAP as an RPC mechanism.
However, if one ignores the optional bits, SOAP itself isn't that bad.
The envelope design pattern can be useful -- HTML uses it after all.
In contrast, I have nothing good to say about the WSDL 1.1 specification:
it is overly complex, often ambiguous, and occasionally inconsistent.
In practice, tool-generated WSDL documents are nightmarish to read and
the source of half of all interoperability issues... The complexity of
the web service framework (WSF) is mind numbing. The odds that even a
small portion of it can be made to work in an interoperable fashion
across multiple vendors is very slim. Two very large software vendors
recently told me that while they will eventually interoperate with the
forthcoming Microsoft implementation of a number of the WSF specs, it
will not be by coding to the standard, but to the Microsoft-specific
implementation. And the claim that your tooling will shield you from
the underlying complexity is laughable; the complexity will leak
through... I don't believe [SOA] can scale and it's not a silver bullet,
but, as I've said, it can be made to work if you introduce enough
constraints. And such a system is likely to offer functionality that
exceeds what can be had using traditional technologies. For instance,
if reliable messaging is an absolute requirement of your design, and
there are multiple actors, and you're only exchanging XML messages,
then using SOAP+WSA+WSRM, instead of, say, TIBCO Rendezvous, makes
sense (once WSRM is finalized and enough interoperable implementations
exist -- see what I mean), as it allows for the introduction of generic
intermediaries that can process and manipulate the messages in
transit..."

http://www.infoq.com/articles/pete-lacey-ws-criticism

----------------------------------------------------------------------

OASIS Opens New Discussion List for DITA S1000D Interoperability TC
Staff, OASIS Announcement

OASIS members have requested the creation of a discussion list
regarding a possible new OASIS DITA S1000D Interoperability TC. S1000D
is also an XML markup standard designed for re-use. The specification
has been produced to establish standards for the documentation of any
civil or military vehicle or equipment. It is based on international
standards such as SGML/XML and CGM for production and use of electronic
documentation. S1000D is also focused on Data Modules and a Common
Source Database. The OASIS discussion list is intended to facilitate
an effort to graft S1000D type modules onto the DITA type hierarchy.
The result would support content that's completely interoperable and
provides a relatively good transform target (because of similar
semantics and structure). This approach will have significant long-term
benefits toward interoperability of content and authoring tools between
the two standards. DITA is an OASIS XML markup standard designed for
topic-based authoring and re-use. It is also designed for
interoperability, with a highly flexible specialization mechanism.

http://lists.oasis-open.org/archives/tc-announce/200612/msg00004.html
See also the S1000D web site: http://www.s1000d.org/

----------------------------------------------------------------------

Active Endpoints Supports WS-BPEL 2.0
Staff, Company Announcement

Active Endpoints, Inc. has announced the availability of ActiveBPEL 3.0.
The ActiveBPEL product family includes open source and commercial SOA
orchestration solutions that are standards-compliant and platform-neutral,
forming the foundation for fast, cost-effective business and systems
integration. Among other important capabilities, ActiveBPEL 3.0
comprehensively supports the forthcoming WS-BPEL 2.0 standard, which
will be officially published early in 2007. ActiveBPEL 3.0 allows SOA
application developers and ISVs to leverage the power of the BPEL 2.0
standard while preserving prior investments in BPEL 1.1 processes.
ActiveBPEL 3.0's pluggable architecture complements all SOA IT
infrastructures and offers an independent, best-in-class solution for
building, testing, deploying and managing BPEL-based applications.
ActiveBPEL 3.0 offers new capabilities including: (1) Support for all
WS-BPEL 2.0 process constructs and semantics; (2) Automatic migration
of BPEL4WS 1.1 processes to the new WS-BPEL 2.0 standard, preserving
users' investments in existing 1.1 processes; (3) Seamless, side-by-side
execution of BPEL4WS 1.1 and WS-BPEL 2.0 processes, allowing phased
migration to WS-BPEL 2.0; (4) Enhanced message routing based on
WS-Addressing to streamline and improve the execution of long running
processes; (5) Policy-driven message exchanges based on
WS-ReliableMessaging; (6) BPEL Sub-process execution, allowing process
components to be executed within the lifecycle of their invoking
processes.

http://xml.coverpages.org/ActiveBPELv30.html
See also BPEL references: http://xml.coverpages.org/bpel4ws.html

----------------------------------------------------------------------

Intalio Takes Business Process Suite Open-Source
Renee Boucher Ferguson, eWEEK

Intalio is moving deeper into the open-source community. The maker of
business process management software has announced that it is releasing
its Intalio/BPMS Community Edition suite under the Mozilla Public
License. While Intalio recently passed the 100 paying customers
milestone, CEO and founder Ismael Ghalimi believes that by making its
software available to the open-source community, the company will be
able to grow its customer base. This is also a way to introduce
Intalio's software for free, with the idea that users will have the
option to upgrade to an enterprise edition as they move deeper into
process execution. Intalio's Community Edition includes an Eclipsed-
based process design tool that supports BPMN, the Business Process
Modeling Notation standard. The suite also supports a couple additional
process standards: BPEL, or Business Process Execution Language, an
execution engine that is deployed on top of a J2EE application server;
and BPEL4People, a workflow framework developed by IBM and SAP that
supports the "human element" in a business process -- something BPEL
doesn't support. In November Intalio released its Tempo workflow
framework under the Eclipse Public License. Tempo essentially utilizes
XForms to implement the BPEL4People model.

http://www.eweek.com/article2/0,1895,2071550,00.asp
See also David Berlind's blog: http://blogs.zdnet.com/BTL/?p=4124

----------------------------------------------------------------------

Standardised Namespaces for XML Infosets in OGF
Michel Drescher and Ali Anjomshoaa (eds), Open Grid Forum

This memo provides information to the Grid community on how to define
identifying names uniquely and uniform in the GGF/OGF domain. It
defines a rule set to generate namespaces for XML documents and
infosets. Namespace IRIs are used for identification purposes. XML
Schema elements and attributes that have the same name but different
semantics can be safely identified if a namespace is attached to them.
As such, Namespace IRIs must be unique, and comparable. The underlying
encoding and comparison rules for IRIs are defined in RFC 3987. This
document, given that the rules defined herein are followed, ensures
uniqueness of such Namespace IRIs. As such, Namespace IRIs are just
ordered sequences of characters, or strings and should not be treated
any different in the first place. However, if chosen carefully,
namespace IRIs may be used without modification if interpreted
differently in a different context. While treated as a sequence of
characters in a XML Schema document's namespace declaration, Namespace
IRIs may be interpreted as a URL or IRL that, when used in a HTTP
context, returns the normative XML Schema document that is identified
by the very IRI. The specification has been developed having mainly
namespaces for XML schema documents and infosets in mind. Considerations
and discussions led to the general URL pattern for XML namespaces to
ease the integration of the  XML schema document repository into the
overall OGF WWW presence. To enable this combined effort, the OGF panel
may decide to enact a general infrastructure policy stating: [i] that
every namespace defined by OGF may be interpreted as a URL, [ii] that
a centralized repository operated by OGF delivers a XML schema document
when queried using that URL, [iii] that the delivered XML schema
document is identified by the very namespace used as a URL to query
the central XML schema repository.

http://www.ogf.org/documents/GFD.84.pdf
See also Namespaces in XML: http://xml.coverpages.org/namespaces.html

----------------------------------------------------------------------

ORM with DrySQL and ActiveRecord
Bryan Evans, InfoQ

Most object-relational mapping frameworks introduce redundancy into
your software  -- no, not the good kind. Columns that are named and
typed on your database are renamed and re-typed as instance variables
in your application code. If your ORM framework offers facilities for
modeling referential constraints, these are again defined both on your
DB and in your application code. Many ORM frameworks also have a
mapping layer that specifies the mappings between a class and a
database table, which means that many of your database artifacts end
up being specified in 3 separate locations: on a database, in a model
class, and in a mapping layer or configuration file. DrySQL is an
extension to ActiveRecord that aims to completely free it from
redundancy, following the DRY principle. In short it aims to model
your entire database schema dynamically, querying its information
schema and eliminating the need for object-relational mapping in your
application code. ActiveRecord is innovative in its use of a database's
information schema to dynamically generate table and column mappings.
DrySQL applies this strategy to the other artifacts in your database,
the ultimate goal being that all database artifacts can be defined
in one place only: the database itself.

http://www.infoq.com/articles/DrySQL

----------------------------------------------------------------------

XForms 1.1: Updated W3C Working Draft
John M. Boyer (ed), W3C Technical Report

W3C's XForms Working Group has published an updated version of the
XForms 1.1 specification. Forms are an important part of the Web, and
they continue to be the primary means for enabling interactive Web
applications. Web applications and electronic commerce solutions have
sparked the demand for better Web forms with richer interactions. XForms
is the response to this demand, and provides a new platform-independent
markup language for online interaction between a person (through an
XForms Processor) and another, usually remote, agent. XForms are the
successor to HTML forms, and benefit from the lessons learned from HTML
forms. XForms is not a free-standing document type, but is intended to
be integrated into other markup languages, such as XHTML or SVG. An
XForms-based web form gathers and processes XML data using an architecture
that separates presentation, purpose and content. The underlying data of
a form is organized into instances of data schema (though formal schema
definitions are not required). An XForm allows processing of data to
occur using three mechanisms: (1) a declarative model composed of
formulae for data calculations and constraints, data type and other
property declarations, and data submission parameters (2) a view layer
composed of intent-based user interface controls (3) an imperative
controller for orchestrating data manipulations, interactions between
the model and view layers, and data submissions. Thus, XForms
accommodates form component reuse, fosters strong data type validation,
eliminates unnecessary round-trips to the server, offers device
independence and reduces the need for scripting.

http://www.w3.org/TR/2006/WD-xforms-20061212/
See also XML and Forms: http://xml.coverpages.org/xmlForms.html

----------------------------------------------------------------------

CardSpace: Microsoft's Latest for Identity Management
Daniel Rubio, SearchWebServices.com

Establishing identity is a common practice in the digital world, from
username and password pairs to more elaborate mechanisms like
specialized hardware devices, the process has practically become second
nature to applications on the Net. However, the technologies for
achieving such goals are extremely fragmented. In light of this, one
of the latest approaches to surface in this space has Web services as
its underpinnings, its name: CardSpace from Microsoft. To be certain,
there is no shortage of identity management solutions, just to name a
few: Open ID, Liberty Alliance, Windows Live ID (Passport), and Type Key.
All of them, in one way or another try to offer end users a universal
identity by which to access resources on the Net and, in order to do so,
also welcome third party providers to integrate these same mechanisms
into applications as a way to ease user registration. CardSpace is built
around a series of Web services standards: WS-Security, WS-Trust,
WS-MetadataExchange and WS-SecurityPolicy. This support by itself sets a
precedent in terms of the standards used to execute an identity process.
Not to underestimate any other technique, but the ubiquity and industry
support given to these standards should be enough to indicate an ample
user base. Secondly, CardSpace is designed to be a client bound
technology,
namely one to be deployed on end user PC's, allowing for user managed
credentials which minimize the possibility of exploit. CardSpace is but
one of the many pieces in .NET 3.0, the evolving development platform for
Microsoft applications -- currently in its 2.0 version. CardSpace,
alongside Windows Communication Foundation (WCF), Windows Workflow
Foundation (WF) and Windows Presentation Foundation will form the
foundations for building Web-services-enabled applications in the near
future, with CardSpace taking the bulk of identity and authentication
application workloads.

http://searchwebservices.techtarget.com/tip/0,289483,sid26_gci1234158,00.html

----------------------------------------------------------------------

Increasing MOM Flexibility with Portable Rule Bases
Edward Curry, IEEE Internet Computing

Message-oriented middleware (MOM) provides an effective integration
mechanism for distributed systems, but it must change frequently to
adapt to evolving business demands. Content-based routing (CBR) can
increase the flexibility of MOM-based deployments. Although centralized
CBR improves a messaging solution's maintainability, it limits
scalability and robustness. The MOM domain uses several constructs --
queues, topics, journals, destination hierarchies, and so on -- for
message exchange. The developer configures these constructs to meet the
demands of the particular application domain. In many cases, the
domain's ABL will heavily influence their configuration and will
dictate how an application uses the MOM to exchange messages, creating
a tight coupling to a specific destination configuration and coupling
the application to the MOM infrastructure. This can influence the
messaging solution in ways that affect its flexibility, maintainability,
and scalability. This article proposes an alternative, decentralized
approach to CBR that uses a portable rule base to maximize MOM-based
deployments' maintainability, scalability, and robustness.

http://dsonline.computer.org/portal/pages/dsonline/2006/12/w6cur.html

----------------------------------------------------------------------


XML Daily Newslink and Cover Pages are sponsored by:

BEA Systems, Inc.         http://www.bea.com
IBM Corporation           http://www.ibm.com
Innodata Isogen           http://www.innodata-isogen.com
SAP AG                    http://www.sap.com
Sun Microsystems, Inc.    http://sun.com

----------------------------------------------------------------------

Newsletter subscribe: xml-dailynews-subscribe@lists.xml.org
Newsletter unsubscribe: xml-dailynews-unsubscribe@lists.xml.org
Newsletter help: xml-dailynews-help@lists.xml.org
Cover Pages: http://xml.coverpages.org/

----------------------------------------------------------------------