axis-java-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Steve Loughran" <stev...@iseran.com>
Subject Re: WSIF proposal
Date Wed, 15 May 2002 18:56:08 GMT

----- Original Message -----
From: "Sam Ruby" <rubys@us.ibm.com>
To: <axis-dev@xml.apache.org>
Sent: Wednesday, May 15, 2002 11:14 AM
Subject: Re: WSIF proposal


> Steve Loughran wrote:
> >
> > > > Is there an xml-commons to mirror jakarta-commons?
> >
> > and does it contain a sandbox to mirror jakarta-commons/sandbox?
>
> Not yet.
>
> More deeply, I'm wondering if xml and web services are emerging as
separate
> communities.

I dont disagree. xml is foundational; web services are applied XML.

I think axis is foundational too; there are some things I need to do that
related to axis, but should not be part of it. Which means they shouldnt be
in the CVS tree of people who shouldnt have to maintain it.

There are a couple of things I am thinking of

1. classes for a higher level of interop. Even if we get the basics of
section 5 and XSD interop going, there will always be the issue of
hashtables and other collection classes, and worse of all the .net datset

It would be good to have reference implementations a .net handler for an
axis hashtable, and vice versa; an add on to add SwA to .net on the basis
that MS wont do that, maybe even a java version of the dataset. Some of this
stuff could go into axis, but the .net side of things is to fix their stack,
not the apache one.

2. An apache authentication system; our alternative to Passport or the
Liberty Alliance. I have a vision of a kerberos auth server you can run on
your home server that any affiliate into the authentication federation can
authenticate you against, plus iauthentication mplementations for tomcat and
apache 2.0.

rationale:
1. I dont see why the liberty alliance delivers significant choice over the
passport monolith, just more integration grief.
2. if you can run publicly accessible web or soap server on a cable modem,
you can host an auth server and provide an endpoint for value added
services, such as email and messaging.
3. if you are running your own box you can use a more secure login process,
like a securid based auth system, so you dont need to worry so much about
password compromise
4. works nicely behind the firewall, stops people needing NTLM auth
everywhere

the vision is I could log in to any web site as steve_l@eiger.dnsalias.org
and the resolver would dns to that box, hit the auth server for a negotiated
login, get back endpoints for messaging
eiger.dnsalis.org/users/stevel/email
eiger.dnsalis.org/users/stevel/im

(notice I am not saying whether they are SOAP or REST urls)

I think that is a fairly ambitious objective, and I have nothing even
vaguely resembling time to work on it -at least for the next few months. But
let's face it, who can you trust with your personal data but yourself, and
who do you trust to implement a good zero cost server but Apache.


Mime
View raw message