On Nov 25, 2006, at 3:50 PM, Sanjiva Weerawarana wrote:
Semi-seriously, I say "no, we don't". Let's take transactions as the first example. Here are my three reasons why we don't need WS- Coordination, WS-BusinessActivity or WS-AtomicTransaction: 1) There are many successful WS-* implementations already (or so everybody tells me), and none of them currently relies on these (because they're neither finalized nor widely supported) 2) Atomic (2PC) transactions are a bad idea for loosely-coupled systems (I consider them to be the most tightly approach you can take) 3) Even using compensations à la WS-BusinessActivity, IMO, belong in the application -- they're business logic anyway, and I don't see what standards support buys you hereOn Sat, 2006-11-25 at 08:44 -0500, Mark Baker wrote: > On 11/25/06, Sanjiva Weerawarana <[EMAIL PROTECTED]> wrote:> > Well it shouldn't be .. if you don't need SOAP you don't need it. If all > > you need is to send some XML over HTTP or HTTPS then SOAP is not at all > > needed. SOAP should come into the picture IFF you need message level > > security, reliability or transactions or any of the other things that> > have been built on SOAP. If not why pay the price? >> What's interesting about this argument is an implicit assumption being> made; that if you had an existing HTTP/URI based Web API, but then > later found it needed "security, reliability, or transactions", that > you need to abandon the existing Web API and replace it with SOAP.> What about, oh, say, *adding* those ilities incrementally, within the> constraints of the existing API?Hey great idea! OK now tell me, what exactly does one need to do to add message level security to HTTP? After I sign the message where do I put it so the recipient will always check that before touching the message?How about reliability? (Remember HTTP-R?) How about transactions?NOTE: We need interoperable standards with corresponding metadata (i.e.,policies) for all of the above so that tools can work with them.
As to transactions, I don't think anyone has bothered yet. As for reliability, examples includePlease tell me what standards in non-WS-* REST-land do these things.
SOA-Rity (http://www.goland.org/soareliability/) (by Yaron Goland) andHTTPLR (http://www.dehora.net/doc/httplr/draft-httplr-00.html) by Bill de hÓra
I agree that none of them is standardized yet, which doesn't prevent anyone from using them in their own applications, but hinders tool development (which can be considered a disadvantage).
Stefan -- Stefan Tilkov, http://www.innoq.com/blog/st/
smime.p7s
Description: S/MIME cryptographic signature
