Hi Vankat,
All right !! Now u r understanding the requirement. This is what we achieve from Ruchith's proposal. We want to build the DOM stuff using the direct pull stream, but not layering. If u can read Ruchith's proposal, this is exactly what we gonna do. Regards, Chinthaka > > What if we come across some other library that depends on DOM? IMHO, > users are likely need a DOM interface for something or the other, and > OM is not going to replace DOM. > > I also feel that DOM implementation should not be a layer over OM but > a direct implementation over the pull stream, in its own right, so > that OM doesn't get in the path for the performance optimizations for > DOM. > > -Venkat > > > On 5/18/05, Glen Daniels <[EMAIL PROTECTED]> wrote: > > > > Is it possible to implement xml-sec without DOM? In other words, would > it be possible / a good idea to build an eventual > > Axis-specific WSS implementation on top of OM directly? I understand > we'd lose the use of standard libraries, but I'm wondering > > what the performance gain might be. > > > > --G > > > > > -----Original Message----- > > > From: Dittmann Werner [mailto:[EMAIL PROTECTED] > > > Sent: Tuesday, May 17, 2005 2:26 AM > > > To: '[email protected]'; [EMAIL PROTECTED] > > > Subject: AW: [Axis2] Proposal - DOM Implementation for Axis2 > > > > > > Ruchith, Dims, > > > > > > first of all: I'm not familiar with the enw Axis 2 OM structure > > > and mechanisms. However, just jumping in here to get a better > > > understanding and the impacts for WS-Security. > > > > > > What are the impacts of the following quote for the security handlers: > > > > > > "As long as the OM structure is preserved for the following > > > handlers to > > > work on (e.g: after security), there will be no problems at all." > > > > > > I like to point out that the security mechanisms need the complete, > > > fully serialized SOAP request (or response) as a DOM XML document to > > > work correctly. The security functions then add new elements, modify > > > existing elements, delete/replace exisiting elements of that document. > > > This is not only true for the WSS4J functions but also for the > > > underlying Apache xml-sec library. The security handler then replaces > > > the original SOAP request with the "security enhanced" document. In > > > addition its is important to know that the security enhanced doc shall > > > not be modified afterwards (e.g. new serialization of the doc) because > > > this may destroy signatures. The Axis WS handlers use Axis methods > > > to ensure that (or JAX-RPC methods in case of the JAX-RPC handler) > > > > > > Said all this I'm a little concerned about the above statement. The > > > security handler cannot preserve the OM structuture as far as I can > > > see. > > > > > > Regards, > > > Werner > > > > > > > -----Urspr�ngliche Nachricht----- > > > > Von: Ruchith Fernando [mailto:[EMAIL PROTECTED] > > > > Gesendet: Montag, 16. Mai 2005 21:23 > > > > An: [EMAIL PROTECTED] > > > > Cc: [email protected] > > > > Betreff: Re: [Axis2] Proposal - DOM Implementation for Axis2 > > > > > > > > > > > > Hi Dims, > > > > > > > > I think the SAAJ implementation can be used once we finalize the > > > > implementation of few places such as > > > > org.apache.axis.saaj.SOAPDocumentImpl (creation of the new DOM > > > > Elements is missing in here). > > > > > > > > As long as the OM structure is preserved for the following > > > handlers to > > > > work on (e.g: after security), there will be no problems at all. > > > > > > > > With the proposed solution I think we can get away from having two > > > > object strctures (OM and DOM) at the same time. But I think > > > I can try > > > > to go ahead with what is there is in SAAJ impl without much of a > > > > problem :-) > > > > > > > > Thanks, > > > > Ruchith > > > > > > > > > > > > On 5/16/05, Davanum Srinivas <[EMAIL PROTECTED]> wrote: > > > > > Ruchith, > > > > > > > > > > Did you consider using the SAAJ stuff which already has dom > > > > interfaces? > > > > > > > > > > -- dims > > > > > > > > > > On 5/16/05, Ruchith Fernando <[EMAIL PROTECTED]> wrote: > > > > > > Hi All, > > > > > > > > > > > > In implementing WS-Security capabilities on Axis 2.0 we > > > > will have to > > > > > > convert the OM to DOM and provide the complete > > > > SOAPEnvelope as a DOM > > > > > > implementation. > > > > > > The following changes and additions are proposed to the OM > > > > > > implementation to support this. > > > > > > > > > > > > 1.) The org.w3c.dom.* interfaces will be implemented > > > > extending the OM > > > > > > Impls. (org.apache.axis.dom.*) > > > > > > Also there will be an implementation of org.apache.axis.soap.* > > > > > > interfaces extending from the DOMImpls. > > > > (org.apache.axis.dom.soap.*) > > > > > > In this situation we will have to change some of the > > > > method names in > > > > > > the OM interfaces. E.g.: getNextSibling, > > > > getPreviousSibling in OMNode > > > > > > > > > > > > 2.) A DOMSOAPFactory implementing the SOAPFactory will be > > > > introduced > > > > > > to provide the DOM_SOAP impls. to the StAXSOAPModelBuilder > > > > > > > > > > > > 3.) How to switch the builder when the security related > > > > handlers takes over: > > > > > > > > > > > > Since the security handlers depend on the DOM interfaces, > > > > they cannot > > > > > > work with pure OM instances. They expect DOM impls. So > > > > now there's a > > > > > > need to switch from normal OM factory to DOM factory. Therefore > > > > > > following method is proposed to to handle this. > > > > > > > > > > > > There will be some processing of the SOAPEnvelope before > > > > it reaches > > > > > > the security handlers. > > > > > > And there will be a reference to this partially built > > > > SOAPEnvelope in > > > > > > the MessageContext object. This SOAPEnvelope consists > > > > only of pure OM > > > > > > based elements (org.apache.axis.soap.*). Now we get the > > > > pull parser > > > > > > from the SOAPEvelope we have through the OMStAXWrapper > > > > (This is used > > > > > > to get the pull events from OMElements, irrespectiveof > > > their build > > > > > > state) > > > > > > > > > > > > PullParser pp = messageContext.getSOAPEnvelope().getPullParser() > > > > > > //Returns a pp pointing to the start of the document > > > > > > > > > > > > Then we create a new StAXSOAPModelBuilder passing the > > > > DOMSOAPFactory > > > > > > together with the pull parser returned from the SOAPEnvelope. > > > > > > > > > > > > StAXSOAPModelBuilder builder = new > > > > StAXSOAPModelBuilder(pp, new DOMFactory()) > > > > > > > > > > > > At this point the SOAPEnvelope reference in the message > > > context is > > > > > > pointing to the older pure OM based SOAPEnvelope. > > > > > > This will have to reassigned to the new OM+DOM based > > > > SOAPEnvelope, as > > > > > > shown below: > > > > > > > > > > > > messageContext.setEnvelope(builder.getDocumentElement()); > > > > // This will > > > > > > set the reference to the new DOMSOAPEnvelopeImpl > > > > > > > > > > > > Therefore to achieve this we need to have remember the > > > > following point > > > > > > as a best practise : DON'T POINT TO THE SOAP ENVELOPE OF > > > > A MESSAGE, > > > > > > JUST POINT TO THE MESSAGE_CONTEXT ONLY. > > > > > > > > > > > > I think this is one of the best use cases which shows the > > > > beauty of > > > > > > the Factory and Builder concept used in Axis2 - OM design :) > > > > > > > > > > > > Thanks, > > > > > > Ruchith > > > > > > > > > > > > > > > > -- > > > > > Davanum Srinivas - http://webservices.apache.org/~dims/ > > > > > > > > > > > > > > > > > >
