[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
|
Re: [stp-dev] STP project on Google Summer of Code 2009
|
Hi,
Yes Andrei i too feared the same. (Although Renat told STP guys to comment and vote google had a deadline on April15th i think...) .Newy After going through the GSoc thread that Oisin has sent i think still organizations have chance to rank up/down the proposals..i'm not too sure about this ..However i'm hopeful that this will be selected n can't wait till Moday to see the results...
So regarding the proposals , this is just the view of the current implementaion which was only intended to derive WS : Security policy Assertions from SOAP messages and we can say it's a prototype of what i'm going to implement.Therefore some/lot of modifications and redesigning may require to built the proposed framework+API for Eclipse.
1.Deriving WS:Policy
assertions from various XML types for different sources.Yes that should be a main consideration. If you have seen the previous threads of my proposal , you may see i have actually had 2 sub-proposals . First is the integration of new Policy-Builder tool with STP Policy Editor . Second was the WS Standards support which basically supports and produces respective schemas for WS Policy compliant documents in a project .I was planning to port necessary schema catalogs (after derivation steps) as an extension of standards Support proposal.However since the modified proposal for GSoc has scoped into integration of Policy Builder (due to time constraints ) , i have to come up with a possible solution for such scenarios. It may be possible to provide neccesary schemas since the derivation step knows which assertion it produces and to which schema..
2.Handler chain
concept. each handler do check a specific policy pattern and flags necessary meta data needed.While some handlers check for single pattern (ie:- TimeStamp Behavior) , some others can be grouped to collectively check another complex type of pattern (ie:-Symmetric Binding and related assertions like Protection Token,Token type metadata,etc) . So when the chain is built using an "Assembler" relevant assertions are provided for each handler and chained appropriately . Therefore handlers are provided with necessary Assertion Models to each handler at assembly time to built a tree like structure and those models can inturn be used for serialization (in WS Policy model seriaizing a parent Assertion serializes all respective children as well). As i have mentioned in the proposal these models are WS Security Policy model (org.apache.ws.secpolicy.model) provided with Apache Rampart which has serialization capabilities inbuilt with all the relevant metadata of security policy spec.(For other ws specs we may hav to contruct a model if not available..)
3.Stax parser.
In the current context, Stax pull parser (Axiom) does not provide significant advantage interms of low memory footprint since i'm building whole XML infoset of the XML message .(Since if SOAP like messages are not a large structures it may not be a hudge overhead and also since we don't have lot of messages to process at any given time..) However if we would want to make things efficient and fast we could use Stax capabilities with XPath like mechanism perhaps.
4.Policy Builder GUI
Described GUI is intendended as a tool for an Aplcation server like .So for Eclipse standards , import / Export Wizards would be ideal for various registered inputs and outputs of the component.Eclipse's natve WTP monitor would be a good choice for integration and i'am currently working on this and will provide the suggestions for integration asap..
5.Abstraction of
different sources/destinations.
as i have mentioned earlier , since this tool is intended for extracting policies from SOAP messages for an Application server ,it was not a design requirement at that time.However as you have rightly pointed out abstractions for sources,destinations and also type of extraction for different ws:compliant message types and wsp:schemas will be needed for the policy builder plugin with integration of STP policy editor.This we have to further discuss and comeup with a good framework at the design time i think..
So i hope Andrei above may have cleared most of the questions and doubts you had .I am hoping for the best that this will be selected as an Eclipse project and really looking forward to start working ..And thanx again for the feed back...
