xml-soap-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From George I Matkovits <matkovi...@uswest.net>
Subject Re: Evolutions on XML-SOAP
Date Wed, 09 Aug 2000 04:48:28 GMT
I very much agree with your priority on interoperability, unfortunately on a
Windows2000 its built in IPSEC provides ready support for 'security' between W-to-W
soaping but this is not true for any of the other platforms. (-:
IMHO a standard, URL driven, to an https endpoint,  encryption will be transparent
to MS Soap but I am still thinking about the compatibility issues of a signed
payload! Any 'compatibility' opinions would be most welcome!
Regards - George

Richard_Stanford@exe.com wrote:

> My personal reaction as an observer (rather than a current committer or
> anything) is that some of these sound like embrace-and-extend tactics
> (especially storing the extra information in the envelope header).  Personally,
> I feel that projects like this are most successful when they correctly implement
> the standard as written.  Extentions are great for add-on products, but
> shouldn't interoperability be the primary goal?  The same with security -- its a
> good idea, but if implemented externally in a 3rd party product it would work
> for all complient SOAP servers, and all SOAP servers would work with all
> security add-ons (well, good from a standards base rather than a forced-adoption
> base I guess).
> -Richard
> My company (ActivCard, http://www.activcard.com ) wants to use the XML-SOAP
> toolkit for the SOAP related tools that we want to have. Basically, we want
> to be able to:
>      1) put some information in the envelope header in order to keep some
> session information
>      2) provide other services on top of SOAP, not just RPC. For
> instance, we want to be able to:
>           - have a component that will be able to look at the envelope
> and route it to the actual server performing the request
>           - have a component that will perform some access control on
> the SOAP services
>           - rewrite or modify an envelope before passing along to
> another part
>      3) when performing a call, have a way to provide additionnal
> information about the call (who is performing the call, what are the
> permissions, ...)
> I have downloaded the XML-SOAP source code from CVS and started playing with
> it. In order to be able to implement the above features, we are going to
> need to extend the existing implementation. My company has agreed to give
> back all the changes to the XML-SOAP project. Therefore, I thought that I
> would share with you what I changes I have in mind, so that everybody can
> provide feedback, ideas, improvement, ... BEFORE I start the implementation.
> This would allow to have our modifications go in the "right direction" from
> the XML-SOAP point of view.

View raw message