[Date Prev][
Date Next][Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
[alf-req] Minutes from the 8/31/2005 ALF Requirements Committee meeting
|
ALF
Requirements Committee Meeting Minutes
8/31/2005
At this meeting we
discussed committee logistics, SSON in the example implementation and roles
within ALF.
Requirements
Committee Logistics
Discussion: Compuware asked that all communications and
discussions use the mail list or the newsgroup. Others agreed. Shaw directed the
committee to the ALF website for instructions on how to sign up for the
newsgroup and mailing lists.
Action
Item: Shaw to post meeting announcements to alf-events and alf-req.
Shaw to post meeting agendas and minutes to alf-req.
Decision: The Requirements Committee will start to use
alf-req for all requirements discussions.
SSON in the
Example Implementation
Discussion: The committee decided last week that ALF was
not in the user administration business, and that any SSON capability should be
delegated to an implementer through a SPI. Serena asked whether it would be a
good idea to deliver a SSON example using JOSSO or some other technology in the
example implementation. The committee agreed that it would be a good idea,
resources permitting, but not for the POC. Instead, we will try to deliver an
example for the first release candidate.
Action
Item: Cognizant to post a white paper summarizing SSON models, JOSSO
and Higgins, to the newsgroup. The committee will review the summary to decide
if either model would be appropriate for use within ALF.
Decision: If time and resources permit, ALF will provide
an example SSON capability for the first release candidate.
Roles in
ALF
Discussion: This discussion was led by John Streiff from
Secure Software. Most of the discussions centered around a taxonomical
description of roles within ALF versus roles within the participating tools. All
agreed that ALF was not in the business of mapping roles to
permissions within tools. Thus, ALF runtime roles, (as compared to
design-time roles) what ever they end up being, have a strict boundary starting
at the event broker and ending in the service flow.
JS suggested each
participant read through the POC use case to see how or whether roles play a
part in how the web services are executed within the service flow. All agreed to
do so.
Shaw asked whether
ALF roles should trump tool permissions, and this started a discussion about how
or whether ALF roles in any way relate to permission sets within the
tools.
In the end we came
to no conclusions about the role of roles within ALF. We will reopen this
subject again during the next call and will hold discussions through the alf-req
mailing list.
Action
Item: All tool vendors will review the POC to see how or if roles play
any part in the web service invocation, and whether a trusted relationship could
exist between ALF and the tool. All committee members will hold discussions
through the alf-req mailing list.
Decision: ALF is not in the business of managing
tool-level permissions. Runtime roles in ALF, whatever they end up being, have a
strict boundary starting at the event broker and ending in the service
flow.
Next Meeting
The next requirements meeting
will be from 10:00 - 11:00 Pacific on Wednesday, 7 September. Shaw will send the meeting announcement to alf-events
and alf-req. Shaw will send an agenda to the mail group alf-req.
Kelly Shaw
Sr. Product Marketing
Manager
Serena Software
719-457-8811
**********************************************************************
This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.