cxf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sergey Beryozkin" <sergey.beryoz...@iona.com>
Subject Re: WS-SX
Date Mon, 24 Sep 2007 15:41:17 GMT
>So the preferred mechanism for configuration would always be a feature,
> but that for more low-level stuff policies can be used?

It should be the other way around. Using policies for low-level stuff makes policies of no
use to anyone, but makes them just yeat 
anothjer configuration mechanism no one will ever use

Cheers, Sergey

----- Original Message ----- 
From: "Johnson, Eric" <Eric.Johnson@iona.com>
To: <cxf-dev@incubator.apache.org>
Sent: Monday, September 24, 2007 4:34 PM
Subject: RE: WS-SX



<snip>
So, to summarize:

  *) I disagree that specification of key material should be done
through WSDL and/or WS-Policy; that's not what it's for, and there is a
real risk of compromise of security-sensitive information this way
  *) I am more inclined to view feature-based config as a kind of
simplification of policy-based config, and as a potential generator of
policy, which makes it complementary to policy, not orthogonal
  *) I agree that in some small percentage of cases, we need to support
configuration of WS-SecurityPolicy directly, and at a low level, but
these cases fall below the 20% bar, and can certainly be exposed through
low-level config.
</snip>

For point number 2 are you saying that users would generally use CXF
feature mechanism for configuration of endpoints and that the runtime
would generate the policies that a service provider would need to
advertise? In that case a client/consumer could consume the advertised
policies and reconfigure themselves based on the policies?

So the preferred mechanism for configuration would always be a feature,
but that for more low-level stuff policies can be used? 

----------------------------
IONA Technologies PLC (registered in Ireland)
Registered Number: 171387
Registered Address: The IONA Building, Shelbourne Road, Dublin 4, Ireland

Mime
View raw message