Venkata Krishnan wrote:
Hi Sebastien,
I have made the changes to the secure-bigbank demo. Let me know if there is
something that looks odd and not practical in a real world scenario.
Thanks.
I'm starting to like it :) I have a few more suggestions:
- Merge it into the main bigbank scenario.
- Place definitions.xml files in different contributions to show that
policies can be configured externally.
- Remove the CallbackHandlers as hardcoding a password in a piece of
code in the contribution is not what I'd call practical :)
Another suggestion to make policies easier to use: Support external
attachment of a PolicySet to a composite element independent of the
presence of intents.
Here are some use cases:
- configure confidentiality at deployment time, without having to go
back and change the application composite to add intents or policySets.
- configure the number of HTTP connections on a reference [1], over time
when traffic increases, again with no change to the composite.
External policy attachment is starting to be discussed in the OASIS
policy spec workgroup [2], but I was thinking that we could start simple
with just an additional attribute on PolicySet for now, like this:
<policySet alwaysAppliesTo="xpath" ...>
<!-- typical policySet configuration here -->
/policySet>
The policySet would be applied to the composite elements matching the
xpath in alwaysAppliesTo, independent of the presence or not of any intents.
Thoughts?
[1] http://marc.info/?l=tuscany-user&m=120051348720777
[2] http://www.osoa.org/jira/browse/POLICY-15
--
Jean-Sebastien
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
