You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tuscany.apache.org by Venkata Krishnan <fo...@gmail.com> on 2007/11/29 17:30:51 UTC

SCADefinitions - definitions.xml file

Hi,

The Assembly and Policy Fwk specs mention that domain-wide definitions such
as policy intents, policysets, binding type defns, impl type defns all
defined in a 'global, domain-wide file' named. definitions.xml

A single domain wide file with all definitions may not play well with
extensibility.  Here are some cases which seems to necessitate the existence
of several definitions.xml file the contents of which could all be
aggregated into a single bunch of 'domain wide definitions'.
1) For every binding / impl type in the domain there is a definition in the
definitions.xml for the intents supported by the binding/impl.  So whenever
a new binding/impl is addeded the definitions.xml needs to be edited
2) Application Policy Administrators typically define policysets for various
intents including the set of standard intents as specified by the specs such
as confidentiality, integrity and authentication for the security domain.
The administrator defines these policysets typically in the
definitions.xmlfile.  Should the administrator also be encumbered with
having to add the
definitions for the standard intents as well or should the administrator be
actually editing the file we are going to package and making application
additions there?

So it seems to me that there are two options...
    i) Have a single definitions.xml file in our domain module and expect
that it be edited for every new binding/impl type and then by application
adminsitrators for application specific things
   ii) Allow each binding/impl type to have its own definitions.xml file and
also allow contributions to have a definitions.xml file and then aggregate
all of these definitions.

I am convinced about about option (ii) and am looking at making the changes
for this unless people have serious objections. Can folks in the specs group
provide their perspective to this ?

Thanks

- Venkat

Re: SCADefinitions - definitions.xml file

Posted by Jean-Sebastien Delfino <js...@apache.org>.

Venkata Krishnan wrote:
> Hi,
> 
> The Assembly and Policy Fwk specs mention that domain-wide definitions such
> as policy intents, policysets, binding type defns, impl type defns all
> defined in a 'global, domain-wide file' named. definitions.xml
> 
> A single domain wide file with all definitions may not play well with
> extensibility.  Here are some cases which seems to necessitate the existence
> of several definitions.xml file the contents of which could all be
> aggregated into a single bunch of 'domain wide definitions'.
> 1) For every binding / impl type in the domain there is a definition in the
> definitions.xml for the intents supported by the binding/impl.  So whenever
> a new binding/impl is addeded the definitions.xml needs to be edited
> 2) Application Policy Administrators typically define policysets for various
> intents including the set of standard intents as specified by the specs such
> as confidentiality, integrity and authentication for the security domain.
> The administrator defines these policysets typically in the
> definitions.xmlfile.  Should the administrator also be encumbered with
> having to add the
> definitions for the standard intents as well or should the administrator be
> actually editing the file we are going to package and making application
> additions there?
> 
> So it seems to me that there are two options...
>     i) Have a single definitions.xml file in our domain module and expect
> that it be edited for every new binding/impl type and then by application
> adminsitrators for application specific things
>    ii) Allow each binding/impl type to have its own definitions.xml file and
> also allow contributions to have a definitions.xml file and then aggregate
> all of these definitions.
> 
> I am convinced about about option (ii) and am looking at making the changes
> for this unless people have serious objections. Can folks in the specs group
> provide their perspective to this ?
> 
> Thanks
> 
> - Venkat
> 

My 2c. Let's develop the bigbank-secure scenario. We're gonna bump into 
this right away with the scenario. Let's see what makes sense then in 
the light of the concrete scenario.

-- 
Jean-Sebastien

---------------------------------------------------------------------
To unsubscribe, e-mail: tuscany-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: tuscany-dev-help@ws.apache.org

Re: SCADefinitions - definitions.xml file

Posted by Venkata Krishnan <fo...@gmail.com>.

HI Simon,

There are a bunch of Policy intents that the specs defines as to be
supported by SCA runtimes.  I am wondering if the definitions of those
intents would for the defaule base thing.

Thanks

- Venkat

On Nov 29, 2007 11:28 PM, Simon Laws <si...@googlemail.com> wrote:

> On Nov 29, 2007 4:30 PM, Venkata Krishnan <fo...@gmail.com> wrote:
>
> > Hi,
> >
> > The Assembly and Policy Fwk specs mention that domain-wide definitions
> > such
> > as policy intents, policysets, binding type defns, impl type defns all
> > defined in a 'global, domain-wide file' named. definitions.xml
> >
> > A single domain wide file with all definitions may not play well with
> > extensibility.  Here are some cases which seems to necessitate the
> > existence
> > of several definitions.xml file the contents of which could all be
> > aggregated into a single bunch of 'domain wide definitions'.
> > 1) For every binding / impl type in the domain there is a definition in
> > the
> > definitions.xml for the intents supported by the binding/impl.  So
> > whenever
> > a new binding/impl is addeded the definitions.xml needs to be edited
> > 2) Application Policy Administrators typically define policysets for
> > various
> > intents including the set of standard intents as specified by the specs
> > such
> > as confidentiality, integrity and authentication for the security
> domain.
> > The administrator defines these policysets typically in the
> > definitions.xmlfile.  Should the administrator also be encumbered with
> > having to add the
> > definitions for the standard intents as well or should the administrator
> > be
> > actually editing the file we are going to package and making application
> > additions there?
> >
> > So it seems to me that there are two options...
> >    i) Have a single definitions.xml file in our domain module and expect
> > that it be edited for every new binding/impl type and then by
> application
> > adminsitrators for application specific things
> >   ii) Allow each binding/impl type to have its own definitions.xml file
> > and
> > also allow contributions to have a definitions.xml file and then
> aggregate
> > all of these definitions.
> >
> > I am convinced about about option (ii) and am looking at making the
> > changes
> > for this unless people have serious objections. Can folks in the specs
> > group
> > provide their perspective to this ?
> >
> > Thanks
> >
> > - Venkat
> >
> My view is that there has to be a single set of definitions that are
> active
> in the domain. It doesn't preclude us following option ii) to achieve
> this.
>
> Are there default definitions that don't belong to binding/impl types? I
> don't imagine there is as all the definitions.xml elements look to be
> related to either binding or implementations but just checking that we
> don't
> need a based default file.
>
> Regards
>
> Simon
>

Re: SCADefinitions - definitions.xml file

Posted by Simon Laws <si...@googlemail.com>.

On Nov 29, 2007 4:30 PM, Venkata Krishnan <fo...@gmail.com> wrote:

> Hi,
>
> The Assembly and Policy Fwk specs mention that domain-wide definitions
> such
> as policy intents, policysets, binding type defns, impl type defns all
> defined in a 'global, domain-wide file' named. definitions.xml
>
> A single domain wide file with all definitions may not play well with
> extensibility.  Here are some cases which seems to necessitate the
> existence
> of several definitions.xml file the contents of which could all be
> aggregated into a single bunch of 'domain wide definitions'.
> 1) For every binding / impl type in the domain there is a definition in
> the
> definitions.xml for the intents supported by the binding/impl.  So
> whenever
> a new binding/impl is addeded the definitions.xml needs to be edited
> 2) Application Policy Administrators typically define policysets for
> various
> intents including the set of standard intents as specified by the specs
> such
> as confidentiality, integrity and authentication for the security domain.
> The administrator defines these policysets typically in the
> definitions.xmlfile.  Should the administrator also be encumbered with
> having to add the
> definitions for the standard intents as well or should the administrator
> be
> actually editing the file we are going to package and making application
> additions there?
>
> So it seems to me that there are two options...
>    i) Have a single definitions.xml file in our domain module and expect
> that it be edited for every new binding/impl type and then by application
> adminsitrators for application specific things
>   ii) Allow each binding/impl type to have its own definitions.xml file
> and
> also allow contributions to have a definitions.xml file and then aggregate
> all of these definitions.
>
> I am convinced about about option (ii) and am looking at making the
> changes
> for this unless people have serious objections. Can folks in the specs
> group
> provide their perspective to this ?
>
> Thanks
>
> - Venkat
>
My view is that there has to be a single set of definitions that are active
in the domain. It doesn't preclude us following option ii) to achieve this.

Are there default definitions that don't belong to binding/impl types? I
don't imagine there is as all the definitions.xml elements look to be
related to either binding or implementations but just checking that we don't
need a based default file.

Regards

Simon