ebxml-msg message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]
Subject: RE: [ebxml-msg] HL7 ORG: Fw: Issues with Web services transport
- From: "Durand, Jacques R." <JDurand@us.fujitsu.com>
- To: "David RR Webber \(XML\)" <david@drrw.info>, <ebxml-msg@lists.oasis-open.org>
- Date: Tue, 16 Jan 2007 13:52:46 -0800
The document is interesting as it clearly raises the
issue of application-level intermediation (contrasting the "service application"
with the "worker applications"), for which the SOAP model is only a foundation -
and a simplistic one w/r to routing - yet one that should be
leveraged.
It shows the need to represent and process differently
what we could call "application meta-data" and application data, the
former being intended for the intermediary (more horizontal SOAP headers, e.g.
WSA, are probably too low-level here).
An analogy could be the use of "topics" in the
publish-subscribe model.
> Does anything in ebMS V3.0 mitigate
this?
So I'd say that ebMS3 does (much) better than ebMS2 on
this. Both distinguish app meta-data in form of business header elements -
including payload manifest - distinct from payload parts, helping an
(unspecified) forwarding function. But when the "worker application"
is wrapped as a Web service deployed on the back-end (as it typically would in
an SOA model) the ebMS V3 model is much friendlier to the needed conversion into
a service invocation: in V3 the ebMS header being just a SOAP header bloc like
any, and leaving the SOAP body free for business payload, can be stripped from
the SOAP message by the MSH acting as intermediary. What remains can
just be a plain Web service invocation, ready as is to forward (you would never
guess it has been an ebMS message...). We have prototyped this at Fujitsu. One
issue with ebMS2 is the SOAP body used by the ebMS header, forcing payloads in
attachments, and hard to deal with when using end-to-end security (with V3,
you could even have security headers that the MSH would
not touch,if intended to ultimate destination - V3 Part 2 will be more explicit
on this).
The paper also makes a very sound observation regarding
cases where the application needs to know authentication credentials as context
to its processing ("is this request to this service allowed for this type of
client?"). You typically want to deal with this before the request hits the
application service or server supporting it, yet this kind of
application-level authorization (which is closer to access
control) is out of infrastructure scope in the current Web
service security model (WS-Security) - and current WSS implementations do not
seem to facilitate this. Clearly the application-level intermediation pattern is
key to supporting this. I believe a decent support has been proposed in V3 in
the "message authorization" section which still leverages WS-Security as much as
possible.
Jacques
Does ebXML CPA address some of these issues? I believe it
might.
Could CPA's between participants provide the missing information - or
enough for common uses?
Does anything in ebMS V3.0 mitigate this?
I also think that the idea we've been working on in BCM/ebSOA/BP of a
pan-ebxml context mechanism - could also be a next peice - so a shared context
could be retained across participants - that summarizes the salient information
needed to deliver correctly.
Please let me know so I can reply back the HL7 list with our
considerations?
I'm seeing this notion of an Uber-WS infrastructure gaining ground - so you
call that Uber-API - and then delivery occurs in the dialect for a
partner.
Of course I beleive ebXML provides a B2B superset here that plain WSDL
clearly is not able to match.
Thanks, DW
"The way to be is to do" - Confucius (551-472
B.C.)
************************************************
To access the
Archives of this or other lists or change your list settings and information,
go to: http: //www.hl7.org/listservice(See attached file: Issues with
Web Services as a Message Transport Dec 11 2006 R1.pdf)
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]