Return-Path: 
 <river-dev-return-3039-apmail-incubator-river-dev-archive=incubator.apache.org@incubator.apache.org>
Delivered-To: apmail-incubator-river-dev-archive@minotaur.apache.org
Received: (qmail 91897 invoked from network); 7 Dec 2009 16:53:12 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3)
  by minotaur.apache.org with SMTP; 7 Dec 2009 16:53:12 -0000
Received: (qmail 36908 invoked by uid 500); 7 Dec 2009 16:53:12 -0000
Delivered-To: apmail-incubator-river-dev-archive@incubator.apache.org
Received: (qmail 36883 invoked by uid 500); 7 Dec 2009 16:53:12 -0000
Mailing-List: contact river-dev-help@incubator.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:river-dev-help@incubator.apache.org>
List-Unsubscribe: <mailto:river-dev-unsubscribe@incubator.apache.org>
List-Post: <mailto:river-dev@incubator.apache.org>
List-Id: <river-dev.incubator.apache.org>
Reply-To: river-dev@incubator.apache.org
Delivered-To: mailing list river-dev@incubator.apache.org
Received: (qmail 36873 invoked by uid 99); 7 Dec 2009 16:53:12 -0000
Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136)
    by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 07 Dec 2009 16:53:12 +0000
X-ASF-Spam-Status: No, hits=-2.6 required=5.0
	tests=AWL,BAYES_00
X-Spam-Check-By: apache.org
Received-SPF: pass (athena.apache.org: domain of
 SRS0=JAM5Nf=HZ=wonderly.org=gregg@yourhostingaccount.com designates
 65.254.253.93 as permitted sender)
Received: from [65.254.253.93] (HELO mailout11.yourhostingaccount.com)
 (65.254.253.93)
    by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 07 Dec 2009 16:53:09 +0000
Received: from mailscan04.yourhostingaccount.com ([10.1.15.4]
 helo=mailscan04.yourhostingaccount.com)
	by mailout11.yourhostingaccount.com with esmtp (Exim)
	id 1NHgpM-0002Lm-5g
	for river-dev@incubator.apache.org; Mon, 07 Dec 2009 11:52:48 -0500
Received: from impout02.yourhostingaccount.com ([10.1.55.2]
 helo=impout02.yourhostingaccount.com)
	by mailscan04.yourhostingaccount.com with esmtp (Exim)
	id 1NHgpM-00055I-7A
	for river-dev@incubator.apache.org; Mon, 07 Dec 2009 11:52:48 -0500
Received: from authsmtp05.yourhostingaccount.com ([10.1.18.5])
	by impout02.yourhostingaccount.com with NO UCE
	id EGsc1d00506ZpSa0000000; Mon, 07 Dec 2009 11:52:36 -0500
X-EN-OrigOutIP: 10.1.18.5
X-EN-IMPSID: EGsc1d00506ZpSa0000000
Received: from ip70-189-98-232.ok.ok.cox.net ([70.189.98.232]
 helo=[192.168.1.11])
	by authsmtp05.yourhostingaccount.com with esmtpsa (TLSv1:AES256-SHA:256)
	(Exim)
	id 1NHgp9-0000uR-S4
	for river-dev@incubator.apache.org; Mon, 07 Dec 2009 11:52:36 -0500
Message-ID: <4B1D32D0.1000007@wonderly.org>
Date: Mon, 07 Dec 2009 10:52:32 -0600
From: Gregg Wonderly <gregg@wonderly.org>
User-Agent: Thunderbird 2.0.0.23 (Windows/20090812)
MIME-Version: 1.0
To: river-dev@incubator.apache.org
Subject: Re: Distributed ExecutorService
References: <4B1C4D63.1050002@zeus.net.au>
In-Reply-To: <4B1C4D63.1050002@zeus.net.au>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-EN-UserInfo: 
 5bac21c6012e8295aaee92c67842fba3:d1e94006e19829b2b3cf849ab9ff0f3c
X-EN-AuthUser: greggwon
Sender: Gregg Wonderly <gregg@wonderly.org>
X-EN-OrigIP: 70.189.98.232
X-EN-OrigHost: ip70-189-98-232.ok.ok.cox.net

This is the service model that I envisioned for the work I did to put executors 
into a javaspace like environment with my http://griddle.dev.java.net project.

I've always wanted to have to conversation about importing permissions, but to 
some degree we've already done that.

o  The granting of permissions to a specific codebase URL already exists.
o  With HTTPMD, we can guarantee that the content of the jar hasn't changed
    and thus the permissions we are granting are to be used by software which
    we know the behavior of.
o  With DynamicPolicyProvider and the com.sun.jini.start.ServiceDescriptor
    implementations, you can derive a dynamic "service" environment with some
    appropriate changes to com.sun.jini.start.ServiceStarter to include the
    convehence of whatever policy and configuration you want to use.

I've used com.sun.jini.start.ServiceStarter and a derivative of my 
http://startnow.dev.java.net projects org.wonderly.url.vhttp.Handler 
StreamHandler implementation to create a dynamically downloading and caching for 
offline execution client runtime environment.

I think we have lots of bits and pieces that can work together, and the OSGi 
bundle mechanism might be a standard way to package into a jar, what permissions 
are actually required.

In the real world, many people still seem to have no stamina for building an 
exact policy, and instead, look at the software they are running as either 
trusted or not-trusted in totality, and use AllPermission as the gating permission.

If we were to work on providing a "complete" permission convehence mechanism, 
would that be useful if there still are not adequate tools for 
discovering/knowing exactly what permissions are required?

Gregg Wonderly

Peter Firmstone wrote:
> I've had a few thoughts about the whole "move the code to the data" 
> concept (or "Move the code to the Service node") for some time, 
> considering it a low priority, I have kept quiet about it, until 
> recently when the topic came up during a recent email discussion.
> 
> Current Practise for River applications is to move code and data around 
> together in the form of marshalled objects.  Two particular groups of 
> Objects are of interest, those that are process or code intensive where 
> methods process and create returned results and data intensive objects 
> where there is little to be done in the way of processing, where minor 
> copy / transformations are performed on existing state.
> 
> I think that the River platform addresses these Object groups quite 
> effectively when the processing is known at compile time or when the 
> service requirements are clear.  However there are Occasions when it 
> would be less network intensive or simpler to submit  the distributed 
> equivalent of a  ScheduledTask or Runnable to consume an existing data 
> intensive service at the origin of that service and make the desired 
> result available via a temporary service or some other mechanism or 
> protocol.  In cases where particular class files and libraries required 
> to perform processing are available at the service node, but unavailable 
> at the client due to a legacy java environment, no ability to load 
> remote class files, or a constrained memory environment that cannot 
> provide enough memory space for the processing required.  The result of 
> the uploaded runnable class file can be transformed into a locally 
> available or compatible class file.
> 
> The Runnable uploaded code might be uploaded to the service node, by the 
> client or a third party mediator.  Any suggestions for what the 
> mechanism should be would also be useful. I'm thinking that a signed 
> OSGi bundle containing a set of permissions would be a good model to 
> start from, considering that OSGi already has many of the Security 
> mechanisms that would make such a thing possible.
> 
> In essence the DistributedScheduledTask is a remote piece of client code 
> that is executed in the service node.  I'm wondering just what should a 
> DistributedExecutorService provide, if anyone else has had thoughts 
> similar to mine.
> 
> For instance, a Reporting Node in a cluster might send out the same 
> DistributedScheduledTask to all available services of a particular type 
> to perform some intensive data processing or filtering remotely at each 
> node and retrieve the results from each after processing.  The Reporting 
> Node might have changing reporting requirements similar to performing 
> queries for instance.
> 
> Cheers,
> 
> Peter.
> 
> 
> 
> 
>