Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id DEE60200B40 for ; Fri, 1 Jul 2016 08:35:45 +0200 (CEST) Received: by cust-asf.ponee.io (Postfix) id DD5FA160A61; Fri, 1 Jul 2016 06:35:45 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id 093A1160A5D for ; Fri, 1 Jul 2016 08:35:44 +0200 (CEST) Received: (qmail 63383 invoked by uid 500); 1 Jul 2016 06:35:43 -0000 Mailing-List: contact dev-help@river.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@river.apache.org Delivered-To: mailing list dev@river.apache.org Received: (qmail 63129 invoked by uid 99); 1 Jul 2016 06:35:42 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd3-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 01 Jul 2016 06:35:42 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd3-us-west.apache.org (ASF Mail Server at spamd3-us-west.apache.org) with ESMTP id E7C95186D3B for ; Fri, 1 Jul 2016 06:35:41 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd3-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: 3.744 X-Spam-Level: *** X-Spam-Status: No, score=3.744 tagged_above=-999 required=6.31 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=2, MIME_QP_LONG_LINE=0.001, MISSING_MIMEOLE=1.843] autolearn=disabled Authentication-Results: spamd3-us-west.apache.org (amavisd-new); dkim=pass (1024-bit key) header.d=zeus.net.au Received: from mx2-lw-us.apache.org ([10.40.0.8]) by localhost (spamd3-us-west.apache.org [10.40.0.10]) (amavisd-new, port 10024) with ESMTP id yMyS4GVSEO9e for ; Fri, 1 Jul 2016 06:35:37 +0000 (UTC) Received: from webcloud66.au.syrahost.com (server-2c-r4.ipv4.au.syrahost.com [103.250.215.84]) by mx2-lw-us.apache.org (ASF Mail Server at mx2-lw-us.apache.org) with ESMTPS id F39075FB6F for ; Fri, 1 Jul 2016 06:35:36 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=zeus.net.au ; s=default; h=Content-Type:MIME-Version:Message-ID:To:Subject:From:Date: Sender:Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=P1AaKngj6VjpJXN40VCNcONRDycZX0hFNyPOo3YoGEQ=; b=oJpt/RblUOe4nh8ypVjVkk54KD 5edPI0cisQX2vabdqg67D3/IjwQdIz/cW2xmzjyW5Z2oVj9uFRirCEMOORut9UCNY3bsQYW4Oa5nB Tsqn3yBI+g6iSzWx0mA+jkqcMDoZGnyEAGG6KWr0Vk0Xw1E3FFbPrEo+XM3g+wabKMWA=; Received: from pa49-197-23-167.pa.qld.optusnet.com.au ([49.197.23.167]:22999 helo=[10.78.233.213]) by webcloud66.au.syrahost.com with esmtpsa (TLSv1:ECDHE-RSA-AES256-SHA:256) (Exim 4.87) (envelope-from ) id 1bIs2q-001eMM-VV for dev@river.apache.org; Fri, 01 Jul 2016 14:35:28 +0800 Date: Fri, 1 Jul 2016 16:35:16 +1000 (AEST) From: Peter Subject: Re: Lotj - languages other than java To: "dev@river.apache.org" Message-ID: <7c102a35f2631bc61bd621adf3c1266a@org.tizen.email> MIME-Version: 1.0 Content-Type: MULTIPART/ALTERNATIVE; BOUNDARY="8323328-1148529773-1467354916=:1242" X-Priority: 3 X-MSMail-Priority: Normal X-OutGoing-Spam-Status: No, score=1.6 X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - webcloud66.au.syrahost.com X-AntiAbuse: Original Domain - river.apache.org X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - zeus.net.au X-Get-Message-Sender-Via: webcloud66.au.syrahost.com: authenticated_id: jini@zeus.net.au X-Authenticated-Sender: webcloud66.au.syrahost.com: jini@zeus.net.au X-Source: X-Source-Args: X-Source-Dir: archived-at: Fri, 01 Jul 2016 06:35:46 -0000 --8323328-1148529773-1467354916=:1242 Content-Type: TEXT/plain; CHARSET=UTF-8 Content-Transfer-Encoding: QUOTED-PRINTABLE =C2=A0=0A=C2=A0=0A=C2=A0=0A=C2=A0=0AThanks Sim,=0A=0AThese are all good que= stions we need to consider.=0A=0AI like the model of micro services where e= ach service is responsible for implementing its own back end persistence an= d state. =C2=A0Do you consider a microservice to be web based?=C2=A0=0A=0AI= have an implementation of discovery using multicast ipv6. =C2=A0However fo= r firewalls with limited open ports such as https over ipv6, we have JERI h= ttps endpoints, but no discovery, DNS-SD is a good discovery alternative wa= iting to be implemented.=0A=0AFor my own environment I will be adopting ipv= 6 , the global address space and autoconfiguration solve many problems that= users experience with ipv4 today.=0A=0AI admit the locked down api caused = me frustration, but I think it's clear now that we need a process for manag= ing api evolution. =C2=A0=0A=0AComplexity - The proxy preparation api tries= to determine trust after downloading untrusted code and deserialization of= unverified data. =C2=A0As gadget attacks demonstrate, too little too late = at great complexity. =C2=A0This was an attempt to bolt security onto the existing lookup service.=0A=0AJERI is good, me= thod constraints are good, proxy trust is obsolete. =C2=A0River's current s= sl and https JERI endpoints need to be brought up to date as they're no lon= ger secure. =C2=A0I've already done this work externally, it can be donated= when appropriate for the project.=0A=0AIf we address security issues, we c= an provide a secure alternative to RMI. =C2=A0Oracle has chosen 'whack a mo= le' security for Serialization, rather than address some fundamental design= flaws with ObjectInputStream, for this reason, authentication of the sourc= e must occur prior to accepting serial data. =C2=A0Despite common belief, w= hite listing isn't a completely secure solution and adds conplexity as it's= too fine grained.=0A=0AFor multi language support, this would limit the ty= pe system, but then, there's a lot that can be done with strings, primitive= types and byte arrays. =C2=A0This doesn't have to limit java service types= , I think language support should be something determined during lookup, so= we don't limit the type systems of more powerful languages to primitives.=0A= =0ALooking at most Entry's used for lookup, most fields are strings and int= egers. =C2=A0If you look at the way lookup searches are implemented, an ent= ry is represented by a string name and each field is a tuple name value pai= r.=0A=0AI think a ground up redesign of the lookup service, would address l= anguage compatibility as well as complexity and security.=0A=0AIn other wor= ds, recognise the need for a lookup & registration protocol, as well as dis= covery, after that, the service & client should be able to negotiate=C2=A0 = whatever rpc protocol they have in common and to do that, we'll also need a= connection negotiation protocol. =C2=A0We could write specifications for t= hese protocols. =C2=A0This way we could allow any language/ platform to reg= ister and provide services. =C2=A0The code for lookup would not be download= ed as Reggie is now, it would be protocol, rather than proxy based. =C2=A0T= his would also fit well with IoT.=0A=0AMeanwhile we can still support exist= ing java based services.=0A=0AThoughts?=0A=0APeter.=0A=0ASent from my Samsung device.=0A= =C2=A0=0A=C2=A0=C2=A0Include original message=0A---- Original message ----= =0AFrom: Simon IJskes - QCG =0ASent: 30/06/2016 06:22:30 pm= =0ATo: dev@river.apache.org=0ASubject: Re: Lotj - languages other than java= =0A=0AIf=C2=A0you=C2=A0solve=C2=A0the=C2=A0'barrier'=C2=A0of=C2=A0the=C2=A0= service=C2=A0discovery,=C2=A0do=C2=A0you=C2=A0also=C2=A0want=C2=A0to=C2=A0 = =0Aprovide=C2=A0universal=C2=A0access=C2=A0to=C2=A0the=C2=A0java=C2=A0servi= ces=C2=A0in=C2=A0the=C2=A0form=C2=A0of=C2=A0microservices? =0A=0AIt=C2=A0is= =C2=A0doable=C2=A0to=C2=A0take=C2=A0any=C2=A0'more=C2=A0used'=C2=A0service= =C2=A0discovery=C2=A0solution=C2=A0and=C2=A0use=C2=A0 =0Athis=C2=A0as=C2=A0= the=C2=A0river=C2=A0discovery.=C2=A0To=C2=A0introduce=C2=A0a=C2=A0level=C2= =A0of=C2=A0abstraction=C2=A0with=C2=A0 =0Athe=C2=A0same=C2=A0primitives=C2= =A0as=C2=A0the=C2=A0current=C2=A0river=C2=A0discovery=C2=A0mechanism=C2=A0o= ffers. =0A=0ARiver=C2=A0would=C2=A0then=C2=A0have=C2=A0adapted=C2=A0a=C2=A0= more=C2=A0common=C2=A0discovery=C2=A0mechanism. =0A=0ANext=C2=A0thing=C2=A0= that=C2=A0we=C2=A0should=C2=A0decide,=C2=A0is=C2=A0how=C2=A0far=C2=A0do=C2= =A0we=C2=A0go=C2=A0into=C2=A0universality.=C2=A0 =0AI=C2=A0see=C2=A0univera= l=C2=A0type=C2=A0systems,=C2=A0different=C2=A0serialisation=C2=A0plugins=C2= =A0on=C2=A0the=C2=A0horizon. =0A=0AThe=C2=A0biggest=C2=A0showstopper=C2=A0f= or=C2=A0me=C2=A0was=C2=A0the=C2=A0API=C2=A0compatibility.=C2=A0In=C2=A0orde= r=C2=A0to=C2=A0 =0Amake=C2=A0any=C2=A0progress=C2=A0we=C2=A0need=C2=A0a=C2=A0more= =C2=A0agile=C2=A0process=C2=A0for=C2=A0modifing=C2=A0the=C2=A0API. =0A=0AIf= =C2=A0we=C2=A0leave=C2=A0compatibility=C2=A0behind=C2=A0us,=C2=A0we=C2=A0co= uld=C2=A0ask=C2=A0our=C2=A0selfs,=C2=A0what=C2=A0 =0Abenefit=C2=A0are=C2=A0= we=C2=A0providing=C2=A0for=C2=A0the=C2=A0users?=C2=A0What=C2=A0can=C2=A0we= =C2=A0introduce=C2=A0that=C2=A0does=C2=A0 =0Anot=C2=A0duplicate=C2=A0what= =C2=A0is=C2=A0already=C2=A0in=C2=A0the=C2=A0market.=C2=A0For=C2=A0a=C2=A0ja= va=C2=A0developer,=C2=A0i=C2=A0 =0Athink=C2=A0there=C2=A0is=C2=A0no=C2=A0ne= ed=C2=A0to=C2=A0convince,=C2=A0they=C2=A0can=C2=A0see=C2=A0benefits=C2=A0in= =C2=A0just=C2=A0having=C2=A0 =0Aa=C2=A0java=C2=A0API=C2=A0to=C2=A0program= =C2=A0against.=C2=A0We=C2=A0need=C2=A0to=C2=A0think=C2=A0about=C2=A0the=C2= =A0environment=C2=A0 =0Awhere=C2=A0java=C2=A0receives=C2=A0a=C2=A0lot=C2=A0= of=C2=A0'non-love',=C2=A0how=C2=A0we=C2=A0can=C2=A0create=C2=A0a=C2=A0'whow= ,=C2=A0java=C2=A0 =0Aisn't=C2=A0all=C2=A0that=C2=A0bad,=C2=A0look=C2=A0at= =C2=A0that=C2=A0easy=C2=A0solution'=C2=A0experience. =0A=0AI=C2=A0think=C2= =A0that=C2=A0river=C2=A0lost=C2=A0the=C2=A0spot=C2=A0it=C2=A0could=C2=A0hav= e,=C2=A0as=C2=A0a=C2=A0java=C2=A0only=C2=A0solution=C2=A0 =0Ato=C2=A0JSON,= =C2=A0XMLRPC,=C2=A0SOAP,=C2=A0etc=C2=A0libraries=C2=A0for=C2=A0java.=C2=A0F= rom=C2=A0a=C2=A0helicopter=C2=A0view,=C2=A0 =0Awhat=C2=A0does=C2=A0it=C2=A0= do?=C2=A0Whe=C2=A0provide=C2=A0secure=C2=A0RPC,=C2=A0with=C2=A0discovery=C2= =A0and=C2=A0scaling.=C2=A0And=C2=A0 =0Awe=C2=A0make=C2=A0it=C2=A0hard=C2=A0= to=C2=A0use. =0A=0AG.=C2=A0Simon =0A=0A=0AOn=C2=A030-06-16=C2=A005:37,=C2= =A0Peter=C2=A0wrote: =0A>=C2=A0Currently=C2=A0with=C2=A0River,=C2=A0you=C2=A0need=C2=A0java=C2=A0to=C2=A0part= icipate.=C2=A0=C2=A0Other=C2=A0languages=C2=A0can=C2=A0provide=C2=A0service= s,=C2=A0but=C2=A0you=C2=A0need=C2=A0a=C2=A0jvm=C2=A0to=C2=A0participate. = =0A> =0A>=C2=A0Most=C2=A0of=C2=A0discovery=C2=A0is=C2=A0language=C2=A0agnos= tic,=C2=A0so=C2=A0any=C2=A0language=C2=A0can=C2=A0participate=C2=A0in=C2=A0= discovery. =0A> =0A>=C2=A0The=C2=A0major=C2=A0limitation=C2=A0for=C2=A0othe= r=C2=A0languages=C2=A0is=C2=A0the=C2=A0lookup=C2=A0service.=C2=A0=C2=A0Secu= rity=C2=A0issues=C2=A0and=C2=A0complexity=C2=A0also=C2=A0relate=C2=A0to=C2= =A0the=C2=A0lookup=C2=A0service. =0A> =0A>=C2=A0My=C2=A0thoughts=C2=A0are= =C2=A0that=C2=A0a=C2=A0lookup=C2=A0service=C2=A0that=C2=A0performs=C2=A0sea= rch=C2=A0and=C2=A0registration,=C2=A0but=C2=A0provides=C2=A0a=C2=A0language= =C2=A0independent=C2=A0=C2=A0and=C2=A0secure=C2=A0means=C2=A0of=C2=A0contac= ting=C2=A0service=C2=A0providers=C2=A0would=C2=A0be=C2=A0beneficial. =0A> = =0A>=C2=A0Anyone=C2=A0interested=C2=A0in=C2=A0discussing=C2=A0further? =0A>= =0A>=C2=A0Regards, =0A> =0A>=C2=A0Peter. =0A> =0A> =0A>=C2=A0Sent=C2=A0fro= m=C2=A0my=C2=A0Samsung=C2=A0device. =0A> =0A> =0A=0A=0A=0A=0A=0A --8323328-1148529773-1467354916=:1242--