The SCA Model supports communication between Services via Bindings, which exist for a number of technologies. To comply with the specification, all implementations must support an SCA Service Binding and Web Service Binding. Bindings are used by Services and References. Services use Bindings to define how they can be called; References use them to declare how they intend to call a Service. Example 3(b) is a Binding using web services.
Quality of Service: The Policy Framework
To address Quality-of-Service (QoS) and nonfunctional requirements, the SCA Model provides a Policy Framework. Policies can be used to define security, availability, and transactionality, among other requirements. Policies can be associated with each Component. Services and References can have multiple policies to allow alternate means of access. The main elements of the Policy Framework are Intents, Profiles, and Policy Sets.
Intents are abstract statements of QoS constraints on a Component implementation. For example, messaging may need to be confidential. An Intent with name "confidentiality" can therefore be defined as in Example 4(a).
(a) <intent name="confidentiality" constrains="sca:binding"> <description> Communication through this binding must prevent unauthorized users from reading the messages. </description> </intent> (b) <sca:profile intents="sec.confidentiality rel.reliability"/>
Profiles are aggregations of Intent names. Intents referenced in a Profile are mapped to implementations in Policy Sets. Example 4(b) is a Profile declaration.
Policy Sets correspond to the implementation of Intents. They declare technology-specific constraints on elements in the Assembly Model. Example 5 is a Policy Set corresponding to the Confidentiality Intent. This example uses the intentMap element, which indicates alternative implementations for a given Intent.
<policySet name="SecureMessagingPolicies" provides="confidentiality" appliesTo="binding.ws" xmlns="http://www.osoa.org/xmlns/sca/1.0" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"> <intentMap provides="confidentiality" default="transport"> <qualifier name="transport"> <wsp:PolicyAttachment> <wsp:AppliesTo> <wsa:EndpointReference xmlns:myStore="..." > <wsa:Address>http://myStore.example.com/acct </wsa:Address> <wsa:PortType> myStore:myPortType </wsa:PortType> <wsa:ServiceName> myStore:InventoryService </wsa:ServiceName> </wsa:EndpointReference> </wsp:AppliesTo> <wsp:PolicyReference URI="http://myStore.example.com/policies.xml" /> </wsp:PolicyAttachment> <wsp:PolicyAttachment> ... </wsp:PolicyAttachment> </qualifier> <qualifier name="message"> <wsp:PolicyAttachment> <!-- policy expression and policy subject for "message" alternative" --> ... </wsp:PolicyAttachment> </qualifier> </intentMap> </policySet>
Policy Sets contain the specifics of a technology including details for the bindings, sources, and targets. If a Public Key Infrastructure were required, the Policy Set may contain information such as encryption methods, trust relationships, and key stores. WS-Policy and WS-PolicyAttachment are the de facto syntax for Policy Set declarations. However, support for other languages (such as XACML or proprietary languages) are possible and depend on the container implementation.
Intents are attached to components through the Component metadata. Example 6 is an example of attaching authentication and reliability intents to a Service declaration.
<sca:service name="mySpecialService"> <sca:interface.wsdl portType="..." /> <sca:profile intents="sec.authentication rel.reliabilty"/> </sca:service>
At this writing, Policy Sets and Intents are maintained in a global definitions file that is referenced in assembly descriptor files through the Intent or Profile.