JSRs: Java Specification Requests
JSR 265: API for Utilizing Web Services Policy
This JSR has been Withdrawn
Section 1. Identification
Submitting Member: SAP AG
Name of Contact Person: Michael Bechauf
E-Mail Address: firstname.lastname@example.org
Telephone Number: +1 650 849 4279
Fax Number: +1 650 849 4101
Specification Lead: Sanjay Patil & Umit Yalcinalp
E-Mail Address: email@example.com & firstname.lastname@example.org
Telephone Number: +1 650 320 3165 & +1 650 320 3095
Fax Number: +1 650 849 4101 & +1 650 849 4101
Initial Expert Group Membership:
Supporting this JSR:
Section 2: Request
2.1 Please describe the proposed Specification:
This specification aims to standardize a basic framework in Java for utilizing the Web services constraints and capabilities. It enables other Java technologies for Web services to utilize policies in a uniform manner thereby strengthening Java as a competitive Web services platform.
- Scoping a policy associated with a WSDL component, possibly based upon the interrelationships between the WSDL components
- The normalization, merging, composition and interaction of policies.
This JSR does not aim to generalize the different policy languages. This JSR does not aim to provide a common model for normalizing, associating, scoping, merging of policies, etc. Rather, this JSR aims to remain independent of the policy languages by concentrating only on the production of the effective policy set. This JSR is concerned with the message exchange level policies, hence addressing multiparty, application level agreements, etc, is considered out of scope for this JSR. Support for domain specific policy feature set (such as for reliable messaging, security, etc.) is considered out of scope for this JSR. Specifying a policy negotiation or exchange protocol is considered out of scope for this JSR. This JSR is intended to be used as a common set of utility API by other JSRs, such as JAX-RPC and JBI, and is meant mostly as a means of collecting policy into a java container that may be made available to other middleware components
Due to the policy language independent nature, the progress of this JSR is not restricted by the progress of the standardization of the policy languages. However, the final release of the specification intended by this JSR may reference at least one standardized concrete policy language for demonstrating how the specification can be actually used, etc. In that regard, it is expected that the Expert Group closely follows the policy language standardization activities under other open standards organizations.
Specific functionality aimed by the proposed JSR:
a. Unique identifier for the policy semantics and the parameters governing that policy.
b. Description of message context, if any, corresponding to the policy.
2. An API for accessing the policy set associated with a given instance of a message exchange and its processing context. For any given message exchange instance, it should be possible to determine the corresponding policy subjects such as service name, endpoint, operation, message type, etc. Based on the policy subjects and the processing context (such as binding protocol specific, binding protocol neutral, etc), it should be possible to query a policy information source for the effective policy set. The possible policy information sources include :-
a. Service description artifacts such as WSDL documents, externally attached policies via a XML registry, etc.
b. Service endpoint reference
c. System configuration, annotation of the component code, etc.
d. Any combination of the above.
3. A basic framework and SPI for making the effective policy set available for the runtime that may be used on the sender and the receiver sides.
This JSR does not intend to require any particular runtime model for policy detection and policy enforcement. For example, this JSR does not specify at which point during the runtime the effective policy set is detected and enforced, or whether the entire effective policy set is obtained at once and the entire runtime is configured at once, or whether the effective policy sets for the different parts of the runtime are obtained and enforced separately. This JSR is not defining policy decision points or policy enforcement points but simply making the policy available to the runtime.
4. An API for extracting policy specific context, if any, appearing on the runtime message instances. A typical scenario where such an API will be useful is - when a node receiving a message has determined the effective policy set for the particular message and is interested in extracting and validating the message context pertaining to each policy in effect.
This JSR aims to reuse existing standard Java technologies where ever possible. For example, a suitable Java technology may be used for registering and retrieving policy specific metadata.
It is expected that the specification intended by this JSR will be utilized from within other Java specifications for Web services such as JAX-WSA (JSR 261), JAX-RPC (JSR 224) and JBI (JSR 208). In that regard, it may be necessary to make certain changes to the specification aimed by this JSR to facilitate its reuse by the other standard Java technologies.
2.2 What is the target Java platform? (i.e., desktop, server, personal, embedded, card, etc.)
J2SE and J2EE
2.3 The Executive Committees would like to ensure JSR submitters think about how their proposed technology relates to all of the Java platform editions. Please provide details here for which platform editions are being targeted by this JSR, and how this JSR has considered the relationship with the other platform editions.
J2SE and J2EE
2.4 Should this JSR be voted on by both Executive Committees?
2.5 What need of the Java community will be addressed by the proposed specification?
This specification standardizes certain basic support for Web services policies in the Java platform and ensures that Java remains a competitive Web services platform that meets current demands of the Java community in a future-proof manner (while remaining neutral to the ongoing platform independent policy language efforts in the industry).
2.6 Why isn't this need met by existing specifications?
There is currently no standard specification in Java for Web services policies.
2.7 Please give a short description of the underlying technology or technologies:
Please see section 2.1 above.
2.8 Is there a proposed package name for the API Specification? (i.e., javapi.something, org.something, etc.)
2.9 Does the proposed specification have any dependencies on specific operating systems, CPUs, or I/O devices that you know of?
2.10 Are there any security issues that cannot be addressed by the current security model?
2.11 Are there any internationalization or localization issues?
2.12 Are there any existing specifications that might be rendered obsolete, deprecated, or in need of revision as a result of this work?
2.13 Please describe the anticipated schedule for the development of this specification.
It is expected that the expert group upon formation will decide on a schedule for the development of this specification as its first order of business.
2.14 Please describe the anticipated working model for the Expert Group working on developing this specification.
E-mail, teleconferences, and infrequent meetings. We will also use or create an open mailing list for discussions by other interested people outside the expert group.
2.15 It is important to the success of the community and each JSR that the work of the Expert Group be handled in a manner which provides the community and the public with insight into the work the Expert Group is doing, and the decisions that the Expert Group has made. The Executive Committees would like to ensure Spec Leads understand the value of this transparency and ask that each JSR have an operating plan in place for how their JSR will address the involvement of the community and the public. Please provide your plan here, and refer to the Spec Lead Guide for a more detailed description and a set of example questions you may wish to answer in your plan.
We will leverage the Early Draft feature of JCP 2.6 to allow the public to see the specification in progress.
2.16 Please describe how the RI and TCK will de delivered, i.e. as part of a profile or platform edition, or stand-alone, or both. Include version information for the profile or platform in your answer.
SAP will make available the TCK, although assistance from any Expert Group member would be welcome. The RI will be delivered by extending the JAX-RPC 2.0 Reference Implementation.
2.17 Please state the rationale if previous versions are available stand-alone and you are now proposing in 2.13 to only deliver RI and TCK as part of a profile or platform edition (See sections 1.1.5 and 1.1.6 of the JCP 2 document).
2.18 Please provide a description of the business terms for the Specification, RI and TCK that will apply when this JSR is final.
The Specification, RI and TCK will be offered under royalty-free and otherwise reasonable and non-discriminatory terms complying with the JSPA.
Section 3: Contributions
3.1 Please list any existing documents, specifications, or implementations that describe the technology. Please include links to the documents if they are publicly available.
2. JSR 224: Java API for XML-Based RPC (JAX-RPC) 2.0. http://www.jcp.org/en/jsr/detail?id=224
3. W3C Workshop on Constraints and Capabilities for Web Services. http://www.w3.org/2004/09/ws-cc-program.html
4. WSDL 2.0 Core, W3C Working Draft 3 Aug 2004. http://www.w3.org/TR/2004/WD-wsdl20-20040803/
3.2 Explanation of how these items might be used as a starting point for the work.
The proposed JSR for Java API for XML Web Services Policy aims to remain independent of the several platform-neutral policy language and the domain specific policy specification efforts in the industry. As pointed out in the summary of reference 3 in the section 3.1 above, it is expected that the Web services Constraints and Capabilities specifications become standardized under a standards organization. The currently proposed JSR should follow such corresponding developments under the open standards bodies and make appropriate changes if necessary.
Section 4: Additional Information (Optional)
4.1 This section contains any additional information that the submitting Member wishes to include in the JSR.