Service Provisioning Markup Language: Difference between revisions

 
Bender the Bot (talk | contribs)
m External links: HTTP to HTTPS for SourceForge
 
(77 intermediate revisions by 55 users not shown)
{{Short description|XML-based framework}}
{{stub}}
{{redirect|SPML|the surgical procedure|Selective percutaneous myofascial lengthening}}
'''Service Provisioning Markup Language''' ('''SPML''') is an [[XML]]-based framework, being developed by [[OASIS (organization)|OASIS]], for exchanging user, resource and service provisioning information between cooperating organizations.
 
The Service Provisioning Markup Language is the open standard protocol for the integration and interoperation of [[service provisioning]] requests. SPML is an OASIS standard based on the concepts of [[Directory Service Markup Language]]. SPML version 1.0 was approved in October 2003. SPML version 2.0 was approved in April 2006.
SPML is used as a markup language that describes or defines the services that are available to users of an IT system.
[[Security Assertion Markup Language]] exchanges the authorization data.
 
==Definition==
The OASIS Provisioning Services Technical Committee uses the following definition of "provisioning":<ref>[http://java.net/projects/openspml/pages/FAQ Open SPML FAQ]</ref>

{{cquote|Provisioning is the automation of all the steps required to manage (setup, amend and revoke) user or system access entitlements or data relative to electronically published services.}}
==What is Service Provision?==
Service provisioning refers to the "preparation beforehand" of IT systems' materials or supplies required to carry out a specific activity. It goes beyond the initial "contingency" of providing resources, to encompass the entire lifecycle management of these resources. This includes the provisioning of digital services such as user accounts and access privileges on systems, networks and applications, as well as the provisioning of non-digital or "physical" resources such as cell phones and credit cards.
 
==Goal of SPML==
The goal of SPML is to allow organizations to securely and quickly set up user interfaces for Web services and applications, by letting enterprise platforms such as Web portals, application servers, and service centers generate provisioning requests within and across organizations. This can lead to automation of user or system access and entitlement rights to electronic services across diverse IT infrastructures, so that customers are not locked into proprietary solutions.
 
==SPML Functionality==
SPML version 2.0 <ref>[http://www.oasis-open.org/specs/#spmlv2.0 SPML Version 2]</ref> defines the following functionality:
 
===Core functions===
* listTargets - Enables a requestor to determine the set of targets that a provider makes available for provisioning.
* add - The add operation enables a requestor to create a new object on a target.
* lookup - The lookup operation enables a requestor to obtain the XML that represents an object on a target.
* modify - The modify operation enables a requestor to change an object on a target.
* delete - The delete operation enables a requestor to remove an object from a target.
 
===Async capability===
* cancel - The cancel operation enables a requestor to stop the execution of an asynchronous operation.
* status - The status operation enables a requestor to determine whether an asynchronous operation has completed successfully or has failed or is still executing.
 
===Batch capability===
* batch - Supports batch execution of requested operations.
 
===Bulk capability===
* bulkModify - Allows multiple modify requests to be run together.
* bulkDelete - Allows multiple delete requests to be run together.
 
===Password capability===
* setPassword - Enables a requestor to specify a new password for an object.
* expirePassword - Marks as invalid the current password for an object.
* resetPassword - Enables a requestor to change (to an unspecified value) the password for an object and to obtain that newly generated password value.
* validatePassword - Enables a requestor to determine whether a specified value would be valid as the password for a specified object.
 
===Reference capability===
 
===Search capability===
* search - The search operation obtains every object that matches a specified query.
* iterate - The iterate operation obtains the next set of objects from the result set that the provider selected for a search operation.
* closeIterator - The closeIterator operation tells the provider that the requestor has no further need for the search result that a specific <iterator> represents.
 
===Suspend capability===
* suspend - The suspend operation enables a requestor to disable an object.
* resume - The resume operation enables a requestor to re-enable an object that has been suspended.
* active - The active operation enables a requestor to determine whether a specified object has been suspended.
 
===Updates capability===
* updates - The updates operation obtains records of changes to objects.
* iterate - The iterate operation obtains the next set of objects from the result set that the provider selected for an updates operation.
* closeIterator - The closeIterator operation tells the provider that the requestor has no further need for the updates result set that a specific <iterator> represents.
 
===Custom capabilities===
 
* An individual provider (or any third party) can define a custom capability that integrates with SPMLv2.
 
==Features==
 
===Provisioning Service Object (PSO)===
 
The key identifier in SPML is a PSO.
 
A Provisioning Service Object (PSO), sometimes simply called an object, represents a data entity or an information object on a target. For example, a provider would represent as an object each account that the provider manages.
 
Every object is contained by exactly one target. Each object has a unique identifier (PSO-ID).
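
An added example (not from the article or from OASIS): a provisioning gateway check that maps each incoming SPMLv2 request to the capability and operation listed above, compares it with a per-requestor allowlist, and descends into batch requests so that a wrapped operation is still checked. It assumes the SPMLv2 namespace <code>urn:oasis:names:tc:SPML:2:0</code>, its per-capability suffixes and the <code>&lt;operation&gt;Request</code> element naming from the specification; the helper names, the <code>HELPDESK</code> allowlist and the sample batch are constructed.

```python
import xml.etree.ElementTree as ET

CORE = "urn:oasis:names:tc:SPML:2:0"  # SPMLv2 core namespace; capabilities append ":<name>"
# Capability -> operations, as listed in the article.
OPERATIONS = {
    "core": {"listTargets", "add", "lookup", "modify", "delete"},
    "async": {"cancel", "status"},
    "batch": {"batch"},
    "bulk": {"bulkModify", "bulkDelete"},
    "password": {"setPassword", "expirePassword", "resetPassword", "validatePassword"},
    "search": {"search", "iterate", "closeIterator"},
    "suspend": {"suspend", "resume", "active"},
    "updates": {"updates", "iterate", "closeIterator"},
}

def split(tag):
    """'{ns}local' -> (ns, local)."""
    return tuple(tag[1:].split("}", 1)) if tag.startswith("{") else ("", tag)

def classify(elem):
    """Map one request element to (capability, operation, PSO-ID or None)."""
    ns, local = split(elem.tag)
    cap = "core" if ns == CORE else ns[len(CORE) + 1:] if ns.startswith(CORE + ":") else ""
    op = local[:-len("Request")] if local.endswith("Request") else ""
    if op not in OPERATIONS.get(cap, ()):
        raise ValueError("not a known SPMLv2 request: %s" % elem.tag)  # fail closed
    pso = next((c for c in elem if split(c.tag)[1] == "psoID"), None)
    return cap, op, pso.get("ID") if pso is not None else None

def flatten(elem):
    """Yield every operation in a request, descending into batch wrappers."""
    item = classify(elem)
    yield item
    if item[:2] == ("batch", "batch"):
        for child in elem:
            yield from flatten(child)

def denied(allowed, xml_text):
    """Return the operations in xml_text that the requestor's allowlist does not cover."""
    if "<!DOCTYPE" in xml_text:
        raise ValueError("DTDs are not accepted in provisioning requests")
    return [(c, o, p) for c, o, p in flatten(ET.fromstring(xml_text)) if c + ":" + o not in allowed]

# Constructed sample: a batch carrying an allowed suspend and a delete that is not allowed.
BATCH = """<batchRequest xmlns="urn:oasis:names:tc:SPML:2:0:batch" requestID="b-1">
  <suspendRequest xmlns="urn:oasis:names:tc:SPML:2:0:suspend"><psoID ID="uid=jdoe"/></suspendRequest>
  <deleteRequest xmlns="urn:oasis:names:tc:SPML:2:0"><psoID ID="uid=jdoe"/></deleteRequest>
</batchRequest>"""
HELPDESK = {"batch:batch", "suspend:suspend", "suspend:resume", "password:resetPassword"}
```

<code>denied(HELPDESK, BATCH)</code> returns the wrapped delete. The namespace also separates the two <code>iterate</code> operations, which share a name across the search and updates capabilities.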
 
===Profile===
 
SPMLv2 defines two “profiles” in which a requestor and provider may exchange SPML protocol:
 
* XML Schema as defined in the “SPMLv2 XSD Profile” [SPMLv2-Profile-XSD].
* DSMLv2 as defined in the “SPMLv2 DSMLv2 Profile” [SPMLv2-Profile-DSML].
 
A requestor and a provider may exchange SPML protocol in any profile to which they agree.
 
The DSMLv2 Profile may be more convenient for applications that access mainly targets that are LDAP or X500 directory services. The XSD Profile may be more convenient for applications that access mainly targets that are web services.
 
== References ==
{{reflist}}
 
==External links==
* [http://www.oasis-open.org oasis-open.org]
* [https://web.archive.org/web/20121010035014/http://java.net/projects/openspml/pages/Home OpenSPML]
* [https://identitymngr.sourceforge.net/ Identity Provisioning Open Source Software Project]
* [https://web.archive.org/web/20131029191926/https://java.net/projects/openptk Open Provisioning Toolkit (OpenPTK)]
* [https://web.archive.org/web/20120616124811/http://java.net/projects/keychain Keychain: Open Source SPMLv2 Gateway]
* [https://web.archive.org/web/20100429091009/http://www.softerra.com/products_spml-library.htm Open Source Softerra SPML2 Library for .NET]
 
{{OASIS Standards}}
 
[[Category:XML-based standards]]
[[Category:Identity management]]