x
Home
Search
Topics
Almanac
Science
Nature
People
History
Society
Signup
Login
HOME
TOPICS
ALMANAC
SCIENCE
NATURE
PEOPLE
HISTORY
SOCIETY
PHILOSOPHY
SPML
Topic Home
Discussion
0
Encyclopedia
Service Provisioning Markup Language (SPML) is an XML
XML
Extensible Markup Language is a set of rules for encoding documents in machine-readable form. It is defined in the XML 1.0 Specification produced by the W3C, and several other related specifications, all gratis open standards....

-based framework, being developed by OASIS
OASIS (organization)
The Organization for the Advancement of Structured Information Standards is a global consortium that drives the development, convergence and adoption of e-business and web service standards...

, for exchanging user, resource and service provisioning information between cooperating organizations.

The Service Provisioning Markup language is the open standard for the integration and interoperation of service provisioning requests. SPML is an OASIS standard based on the concepts of Directory Service Markup Language
Directory Service Markup Language
Directory Services Markup Language is a representation of directory service information in an XML syntax.The DSML version 1 effort was announced by creator Bowstreet on July 12, 1999. Initiative supporters include AOL-Netscape, Sun Microsystems, Oracle, Novell, Microsoft, and IBM...

. SPML version 1.0 was approved in October 2003. SPML version 2.0 was approved in April 2006.
Security Assertion Markup Language exchanges the authorization data.

Definition

The OASIS Provisioning Services Technical Committee uses the following definition of "provisioning":

Goal of SPML

The goal of SPML is to allow organizations to securely and quickly set up user interfaces for Web services and applications, by letting enterprise platforms such as Web portals, application servers, and service centers generate provisioning requests within and across organizations. This can lead to automation of user or system access and entitlement rights to electronic services across diverse IT infrastructures, so that customers are not locked into proprietary solutions.

Core functions

  • listTargets - Enables a requestor to determine the set of targets that a provider makes available for provisioning.
  • add - The add operation enables a requestor to create a new object on a target.
  • lookup - The lookup operation enables a requestor to obtain the XML that represents an object on a target.
  • modify - The modify operation enables a requestor to change an object on a target.
  • delete - The delete operation enables a requestor to remove an object from a target.

Async Capability

  • cancel - The cancel operation enables a requestor to stop the execution of an asynchronous operation.
  • status - The status operation enables a requestor to determine whether an asynchronous operation has completed successfully or has failed or is still executing.

Bulk Capability

  • bulkModify - Allows multiple modify requests to be run together.
  • bulkDelete - Allows multiple delete requests to be run together.

Password Capability

  • setPassword - Enables a requestor to specify a new password for an object.
  • expirePassword - Marks as invalid the current password for an object.
  • resetPassword - Enables a requestor to change (to an unspecified value) the password for an object and to obtain that newly generated password value.
  • validatePassword - Enables a requestor to determine whether a specified value would be valid as the password for a specified object.

Search Capability

  • search - The search operation obtains every object that matches a specified query.
  • iterate - The iterate operation obtains the next set of objects from the result set that the provider selected for a search operation.
  • closeIterator - The closeIterator operation tells the provider that the requestor has no further need for the search result that a specific represents.

Suspend Capability

  • suspend - The suspend operation enables a requestor to disable an object.
  • resume - The resume operation enables a requestor to re-enable an object that has been suspended.
  • active - The active operation enables a requestor to determine whether a specified object has been suspended.

Updates Capability

  • updates - The updates operation obtains records of changes to objects.
  • iterate - The iterate operation obtains the next set of objects from the result set that the provider selected for an updates operation.
  • closeIterator - The closeIterator operation tells the provider that the requestor has no further need for the updates result set that a specific represents.

Custom Capabilities

  • An individual provider (or any third party) can define a custom capability that integrates with SPMLv2.

Provisioning Service Object (PSO)

The key identifier in SPML is a PSO.

A Provisioning Service Object (PSO), sometimes simply called an object, represents a data entity or an information object on a target. For example, a provider would represent as an object each account that the provider manages.

Every object is contained by exactly one target. Each object has a unique identifier (PSO-ID).

Profile

SPMLv2 defines two “profiles” in which a requestor and provider may exchange SPML protocol:
  • XML Schema as defined in the “SPMLv2 XSD Profile” [SPMLv2-Profile-XSD].
  • DSMLv2 as defined in the “SPMLv2 DSMLv2 Profile” [SPMLv2-Profile-DSML].


A requestor and a provider may exchange SPML protocol in any profile to which they agree.

The DSMLv2 Profile may be more convenient for applications that access mainly targets that are LDAP or X500 directory services. The XSD Profile may be more convenient for applications that access mainly targets that are web services.

External links

The source of this article is wikipedia, the free encyclopedia.  The text of this article is licensed under the GFDL.
Silverdale Interactive © 2024. All Rights Reserved.
 
x
OK