Drop me links to the AG 2.0 specs after the presentation please

Ivan R. Judson judson at mcs.anl.gov
Wed Oct 2 21:21:07 CDT 2002 

 
Hey Jay,
 
Thanks for the feedback already.  I need to read over the WS-Security
spec, I know it's been in flux lately, but I need to get more familiar
with it. Maybe while I'm home after the baby comes tomorrow (shyeah).
 
We do have this general problem of thinking of ACE/ACL's and enforcement
infrastructure, which i think is rich for work.  We do have to leverage
Globus for our security, but I know Globus has done some work on SASL
integration.  Has Passport done anything to be a SASL option?  If so, we
could consider targeting SASL abstracting the actual security
implementation out of the infrastructure (which might benefit everyone).
I'll read up on SASL to see if this makes more or less sense.
 
We haven't specified SQL schemas yet since that assumes a SQL database
as a web service backend.  I'd be happy if we get interfaces concretely
defined in WSDL, leveraging data types defined by XML Schemas.  Those
map directly to SQL data structures with .Net but also leave us the
option of other implementations.
 
Can you remind me of where the WSDL descriptions of the components you
developed are?
 
Thanks,
 
--Ivan

-----Original Message-----
From: Jay Beavers [mailto:jbeavers at microsoft.com] 
Sent: Tuesday, October 01, 2002 1:40 PM
To: judson at mcs.anl.gov
Cc: Todd Needham; Michael E. Papka
Subject: RE: Drop me links to the AG 2.0 specs after the presentation
please



Some thoughts for you:

 

Authentication / Authorization

 

Have you looked at the WS-Security specification?  It provides for
attaching X.509 certificates to SOAP messages and signing the messages.
In reviewing the Globus Toolkit 2.0's security model, it seemed that
WS-Security would be a great way of using Globus certificates with web
service calls.  The "Web Services Development Kit" has a preview
implementation of WS-Security for .NET  You can download the WSDK
<http://msdn.microsoft.com/downloads/default.asp?URL=/downloads/sample.a
sp?url=/MSDN-FILES/027/001/997/msdncompositedoc.xml> Preview.  See Using
<http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnwsse
cur/html/wssecwithwsdk.asphttp://msdn.microsoft.com/library/default.asp?
url=/library/en-us/dnwssecur/html/wssecwithwsdk.asp> WS_Security with
the WSDK for an example with source code of how to use the WSDK to sign
and authenticate a web service call using X.509 v3 certificates.

 

Unfortunately, the WSDK still doesn't have ACL/ACE functionality for
authorizing users' access to objects.  I'm prototyping a couple of
classes that basically mirror the ACL/ACE/group design from VMS/NT for
an unrelated project if you're interested in collaborating in this area.
The idea is to have a generic "authorization" object that you can
"attach" to an object, set the ACL, serialize the ACL for easy storage,
and perform authorization checks.

 

SQL Schemas

 

I didn't see any details on web service interfaces of SQL schema in the
discussions.  I'd like to talk at this level so that we can get
interoperability going.  I've done a first pass at SQL schema
synchronization with Shawn Davis and I think I should be AG Venue Server
functionality compatible with my next venue server release.  I'd love to
be in a position where we (MSR) release a subset of functionality and
both ANL and NCSA are able to add on functionality to the same server by
adding additional functionality on top of the same data store.

 

Web Service Interfaces

 

I'd like to synchronize on web service interfaces too.  I've provided
you guys with our WSDL and source for the web service calls used by CXP.
I'd like to get feedback and to synchronize these as well, probably
following the same pattern as above where we provide a subset of
functionality but that subset is 100% compatible.

 

 

I look forward to talking more after the retreat.

 

 - jcb

 

-----Original Message-----
From: Ivan R. Judson [mailto:judson at mcs.anl.gov] 
Sent: Monday, September 30, 2002 7:57 PM
To: Jay Beavers
Cc: Todd Needham; 'Michael E. Papka'
Subject: RE: Drop me links to the AG 2.0 specs after the presentation
please

 

 

Hey Dude,

 

Don't worry about it; sometimes that happens.

 

http://www.mcs.anl.gov/fl/events/agtech/

 

These aren't as detailed as I'd like, but they are a start. We'll see if
things work tomorrow :-)

 

--Ivan

 

-----Original Message-----
From: Jay Beavers [mailto:jbeavers at microsoft.com] 
Sent: Monday, September 30, 2002 10:16 AM
To: Judson at MCS.anl.gov
Cc: Todd Needham
Subject: Drop me links to the AG 2.0 specs after the presentation please

Sorry I couldn't join you this morn Ivan.  Seems technical difficulties
were to be the order of the day.

 

I was unable to use OpenMash instead of ddvic to enable sending of my
video.  If I switched from ddvic to OpenMash, all video windows came in
as blank grey.

 

I was unable to send audio from rat.  It would see the signal locally,
but my send indicators stayed grey instead of green.

 

I was unable to connect to the DPPT server.  Don't ask me why, I don't
know.

 

 

So if you could, please drop me the PPT links later.  I'll take a look
at them and send feedback via email.

 

- jcb

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mcs.anl.gov/pipermail/ag-dev/attachments/20021002/979b0302/attachment.htm>

More information about the ag-dev mailing list