Lists Home |
Date Index |
Recently I've been involved in building a validation process using a
combination of schema based and rules (schemaTron) and it got me thinking
about how much validation is the right amount.
The 'type' of validation processing I'm talking about is that which might be
performed at a B2B gateway and is perhaps better categorized as 'technical'
validation (ie. basic structural conformance and some content) rather than
business rules (although the distinction is pretty thin).
From the business perspective, it is undesirable to reject any message and
thus lose an opportunity to complete a transaction. So from this point of
view one might imagine that validation at this stage should be minimal,
perhaps not even full schema (or perhaps a 'more relaxed' version of the
published interface). This might be justified on the basis that rules,
perhaps in a business process engine or application logic, are better at
determining whether a message is business processable or not. Plus one can
always push messages to a manual process and let a human decide !
On the flip side, we want to protect the integrity of our operational
systems from erroneous data and, perhaps the most obvious reason, validation
can provide an optimization of the process in the sense that, when the
interaction is asynchronous (and possibly long running), it may be
preferable to let a caller know right away that a message has some 'bad
data' rather than for them to find that out some time later after having
received an initial acknowledgement of receipt.
To me this highlights the conundrum of a desire for strongly typed [service]
interfaces versus the looser coupling and tolerance to change that we also
typically seek. I am trying to find the 'sweet spot' that allows through
messages that 'may' be processable, but rejects those where even if directed
to a manual (human workflow) process would still not be worth the effort. I
sometimes refer to this as 'compatible' messages versus enforcing strict
adherence to a technical specification.
I also have noted that versioning service interfaces (or even just XML
schemas) can be somewhat problematic and can exacerbate validation issues,
and to some extent mitigates against using them for validation purposes,
particularly if they haven't been designed with any extensibility mechanisms
at all to accommodate 'non breaking' change (e.g. xs:any/anyAttribute).
Some of you may be thinking 'is there a question here anywhere ?', sorry I
have meandered on somewhat. What I'm really after is finding out what others
have found to be a good approach to message validation and whether there are
views about how to achieve a balance between optimizing business opportunity
and rejecting 'junk mail'.