Find JSRs
Submit this Search


Ad Banner
 
 
 
 
JSRs: Java Specification Requests
JSR 265: API for Utilizing Web Services Policy

This JSR has been Withdrawn
Reason: The standardization of policy-based metadata will continue as part of the Service Component Architecture (SCA), which will eventually provide Java-based language bindings as part of separate JSRs.

Original Java Specification Request (JSR)

Identification | Request | Contributions | Additional Information

Section 1. Identification

Submitting Member: SAP AG

Name of Contact Person: Michael Bechauf

E-Mail Address: michael.bechauf@sap.com

Telephone Number: +1 650 849 4279

Fax Number: +1 650 849 4101


Specification Lead: Sanjay Patil & Umit Yalcinalp

E-Mail Address: sanjay.patil@sap.com & umit.yalcinalp@sap.com

Telephone Number: +1 650 320 3165 & +1 650 320 3095

Fax Number: +1 650 849 4101 & +1 650 849 4101


Initial Expert Group Membership:

Borland
Oracle
Sun Microsystems, Inc.
IONA Technologies
SAP AG

Supporting this JSR:

BEA Systems
Borland
Fujitsu Limited
IONA Technologies
JBoss, Inc
Nokia
Oracle
Sun Microsystems, Inc.
SAP AG



Section 2: Request

2.1 Please describe the proposed Specification:

This specification aims to standardize a basic framework in Java for utilizing the Web services constraints and capabilities. It enables other Java technologies for Web services to utilize policies in a uniform manner thereby strengthening Java as a competitive Web services platform.
Business Case for the proposed JSR
Today, users of Java platform are faced with the challenge of supporting Web Services that have specific behavior, constraints and capabilities (hereafter referred to as policies for brevity) whose description goes beyond the core WSDL functionality. In addition to the use of WSDL for the description of the abstract and technical interfaces of a Service, it is often times the case that additional policy metadata is associated with the several WSDL components, for example, particular QoS requirements of a Web Service. Client systems consuming such Web Services need to obtain the policies in effect for the service. In some cases, it may be useful for a service to be able to obtain its own policy set for a given interaction. Once obtained, the effective policy set is typically presented for ensuring compliant behavior of the interactions. Java specifications that target Web Service development, such as JAXRPC and JBI, currently do not address the needs of obtaining and presenting the Web Service policies, either at configuration or at runtime. This JSR aims to standardize certain basic support in the Java platform to satisfy the client and service provider system requirements for obtaining and presenting the Web Services policies.
Intended Scope of the proposed JSR:
In the industry there are several efforts currently in progress to define policy expression languages, e.g. WSDL Features & Properties (WSDL F&P) and WS-Policy. The final shape of the policy technical domain is expected to be the subject of standardization effort in an open standards organization like the World Wide Web Consortium (W3C).
Careful analysis indicates that these policy languages share certain basic and significant semantics. These include

    - Associating policies with different policy subjects (WSDL components such as service, endpoint, operation, message, etc),
    - Scoping a policy associated with a WSDL component, possibly based upon the interrelationships between the WSDL components
    - The normalization, merging, composition and interaction of policies.
This JSR aims to keep above complexities inherent in the policy expression languages away from the Java API, by providing support only for obtaining and presenting the policy set in effect for any given message exchange instance. It is assumed that obtaining and presenting the effective policy set is orthogonal to the particular policy expression language being used by the implementations of this JSR, the specific mechanism used for associating policies with the different WSDL components (such as via registries, etc.) or how the particular policy language addresses issues such as normalizing, scoping, and merging of policies. This JSR aims to solve only the common problems that pertain to all the policy language usage scenarios, which primarily centers on ? how to obtain and present in Java a set of effective policies for a specific message exchange instance.
This JSR does not aim to generalize the different policy languages. This JSR does not aim to provide a common model for normalizing, associating, scoping, merging of policies, etc. Rather, this JSR aims to remain independent of the policy languages by concentrating only on the production of the effective policy set. This JSR is concerned with the message exchange level policies, hence addressing multiparty, application level agreements, etc, is considered out of scope for this JSR. Support for domain specific policy feature set (such as for reliable messaging, security, etc.) is considered out of scope for this JSR. Specifying a policy negotiation or exchange protocol is considered out of scope for this JSR. This JSR is intended to be used as a common set of utility API by other JSRs, such as JAX-RPC and JBI, and is meant mostly as a means of collecting policy into a java container that may be made available to other middleware components
Due to the policy language independent nature, the progress of this JSR is not restricted by the progress of the standardization of the policy languages. However, the final release of the specification intended by this JSR may reference at least one standardized concrete policy language for demonstrating how the specification can be actually used, etc. In that regard, it is expected that the Expert Group closely follows the policy language standardization activities under other open standards organizations.
Specific functionality aimed by the proposed JSR:
    This JSR aims to standardize specific support for java to reflect Web Services policies including: 1. An abstract model and API for only the key aspects of a policy. It will not include the detailed policy object model, XML representation, domain specific semantics, etc. The abstract model should however be sufficient to model the key aspects of a policy, such as
    a. Unique identifier for the policy semantics and the parameters governing that policy.
    b. Description of message context, if any, corresponding to the policy.
    2. An API for accessing the policy set associated with a given instance of a message exchange and its processing context. For any given message exchange instance, it should be possible to determine the corresponding policy subjects such as service name, endpoint, operation, message type, etc. Based on the policy subjects and the processing context (such as binding protocol specific, binding protocol neutral, etc), it should be possible to query a policy information source for the effective policy set. The possible policy information sources include :-
    a. Service description artifacts such as WSDL documents, externally attached policies via a XML registry, etc.
    b. Service endpoint reference
    c. System configuration, annotation of the component code, etc.
    d. Any combination of the above.
    3. A basic framework and SPI for making the effective policy set available for the runtime that may be used on the sender and the receiver sides.
    This JSR does not intend to require any particular runtime model for policy detection and policy enforcement. For example, this JSR does not specify at which point during the runtime the effective policy set is detected and enforced, or whether the entire effective policy set is obtained at once and the entire runtime is configured at once, or whether the effective policy sets for the different parts of the runtime are obtained and enforced separately. This JSR is not defining policy decision points or policy enforcement points but simply making the policy available to the runtime.
    4. An API for extracting policy specific context, if any, appearing on the runtime message instances. A typical scenario where such an API will be useful is - when a node receiving a message has determined the effective policy set for the particular message and is interested in extracting and validating the message context pertaining to each policy in effect.
Relationship with other specifications:
This JSR aims to reuse existing standard Java technologies where ever possible. For example, a suitable Java technology may be used for registering and retrieving policy specific metadata.
It is expected that the specification intended by this JSR will be utilized from within other Java specifications for Web services such as JAX-WSA (JSR 261), JAX-RPC (JSR 224) and JBI (JSR 208). In that regard, it may be necessary to make certain changes to the specification aimed by this JSR to facilitate its reuse by the other standard Java technologies.

2.2 What is the target Java platform? (i.e., desktop, server, personal, embedded, card, etc.)

J2SE and J2EE

2.3 The Executive Committees would like to ensure JSR submitters think about how their proposed technology relates to all of the Java platform editions. Please provide details here for which platform editions are being targeted by this JSR, and how this JSR has considered the relationship with the other platform editions.

J2SE and J2EE

2.4 Should this JSR be voted on by both Executive Committees?

No

2.5 What need of the Java community will be addressed by the proposed specification?

This specification standardizes certain basic support for Web services policies in the Java platform and ensures that Java remains a competitive Web services platform that meets current demands of the Java community in a future-proof manner (while remaining neutral to the ongoing platform independent policy language efforts in the industry).

2.6 Why isn't this need met by existing specifications?

There is currently no standard specification in Java for Web services policies.

2.7 Please give a short description of the underlying technology or technologies:

Please see section 2.1 above.

2.8 Is there a proposed package name for the API Specification? (i.e., javapi.something, org.something, etc.)

javax.ws.policy

2.9 Does the proposed specification have any dependencies on specific operating systems, CPUs, or I/O devices that you know of?

No

2.10 Are there any security issues that cannot be addressed by the current security model?

Not Known

2.11 Are there any internationalization or localization issues?

Not Known

2.12 Are there any existing specifications that might be rendered obsolete, deprecated, or in need of revision as a result of this work?

Not Known

2.13 Please describe the anticipated schedule for the development of this specification.

It is expected that the expert group upon formation will decide on a schedule for the development of this specification as its first order of business.

2.14 Please describe the anticipated working model for the Expert Group working on developing this specification.

E-mail, teleconferences, and infrequent meetings. We will also use or create an open mailing list for discussions by other interested people outside the expert group.

2.15 It is important to the success of the community and each JSR that the work of the Expert Group be handled in a manner which provides the community and the public with insight into the work the Expert Group is doing, and the decisions that the Expert Group has made. The Executive Committees would like to ensure Spec Leads understand the value of this transparency and ask that each JSR have an operating plan in place for how their JSR will address the involvement of the community and the public. Please provide your plan here, and refer to the Spec Lead Guide for a more detailed description and a set of example questions you may wish to answer in your plan.

We will leverage the Early Draft feature of JCP 2.6 to allow the public to see the specification in progress.

2.16 Please describe how the RI and TCK will de delivered, i.e. as part of a profile or platform edition, or stand-alone, or both. Include version information for the profile or platform in your answer.

SAP will make available the TCK, although assistance from any Expert Group member would be welcome. The RI will be delivered by extending the JAX-RPC 2.0 Reference Implementation.

2.17 Please state the rationale if previous versions are available stand-alone and you are now proposing in 2.13 to only deliver RI and TCK as part of a profile or platform edition (See sections 1.1.5 and 1.1.6 of the JCP 2 document).

N/A

2.18 Please provide a description of the business terms for the Specification, RI and TCK that will apply when this JSR is final.

The Specification, RI and TCK will be offered under royalty-free and otherwise reasonable and non-discriminatory terms complying with the JSPA.





Section 3: Contributions

3.1 Please list any existing documents, specifications, or implementations that describe the technology. Please include links to the documents if they are publicly available.

3.2 Explanation of how these items might be used as a starting point for the work.

The proposed JSR for Java API for XML Web Services Policy aims to remain independent of the several platform-neutral policy language and the domain specific policy specification efforts in the industry. As pointed out in the summary of reference 3 in the section 3.1 above, it is expected that the Web services Constraints and Capabilities specifications become standardized under a standards organization. The currently proposed JSR should follow such corresponding developments under the open standards bodies and make appropriate changes if necessary.



Section 4: Additional Information (Optional)

4.1 This section contains any additional information that the submitting Member wishes to include in the JSR.