In the ZIOP 1.0 specification, the IDL in Annex A has:
typedef unsigned short CompressorId { };
The braces are invalid and should be removed.
In the ZIOP 1.0 specification, Annex A has:
Compressor get_compressor(
in CompressorId compressor_id,
in CompressorLevel compression_level)
raises (UnknownCompressorId);
CompressorLevel should be CompressionLevel.
Section 17.3.1 of CORBA 3.1 / 3.2 says:
17.3.1 Structures
PolicyValue
This structure contains the value corresponding to a Policy of the
PolicyType indicated by its ptype. This representation allows the
compact transmission of QoS policies within IORs and Service
Contexts. **The format of pvalue for each type is given in the
specification of that Policy.**
When the ZIOP 1.0 specification describes the ZIOP policies, it does not
give the format for pvalue.
The ZIOP body format contains the original length of the compressed
data, which is important because it allows the compressor to efficiently
allocate a buffer to uncompress it. Unfortunately, the
Compressor::decompress() operation is not given that size, meaning that
it has to guess how big the uncompressed data will be.
The original data size should be given to the decompress() operation.
One way to do that without changing the operation signature would be to
specify that the inout Buffer target sequence should have its length
pre-populated to the expected size.
Summary:
Summary: Change the layout of both bounded and unbounded sequences to be the same
Summary: I can"t find in the COM/CORBA spec parts A and B any mention of how to
deal with IDL identifiers that are keywords to the Microsoft "mktyplib" tool.
This tool mangles the following identifier (not necessarily a complete list) by
prepending them with "_":
"BSTR", "CALLCONV", "coclass", "CY",
"CURRENCY", "DATE", "DECIMAL", "DISPID", "DISPPARAMS",
"dual", "EXCEPINFO", "guid", "GUID",
"HRESULT", "importlib", "IDispatch",
"INTERFACEDATA", "IUnknown", "LCID",
"METHODDATA", "odl", "oleautomation",
"PARAMDATA", "properties", "propget", "propput", "retval",
"SAFEARRAY", "SAFEARRAYBOUND", "SCODE",
"VARIANT", "VARIANTARG", "VARIANT_BOOL",
"VARTYPE", "VARENUM"
As far as I can tell, the output of the "mktyplib" tool makes use
(directly or indirectly) of the regular C++ bindings, whose identifiers
are not mangled the same way. This makes it impossible to emit COM bindings
for IDL files that contain the above keywords.
The problem that I"m running into is in CosTrading IDL, where the identifier
"properties" is used.
>You write on page 18-51:
>In COM V2.0, interfaces can have single inheritance. However, as opposed to
>CORBA,
>there is a standard mechanism by which an object can have multiple interfaces
>(without
>an inheritance relationship between those interfaces) and by which clients can
>query
>for these at run-time. (It defines no common way to determine if two interface
>references refer to the same object, or to enumerate all the interfaces
>supported by an
>entity.)
>
>It's not right, that there's no common way to determine if two interface
>references refer to the same object. The IUnknown-Pointer of two different
>interfaces of the same object must be the same (object identity in COM).
Summary: (D)IForeignComplexType,(D)ICORBAStruct,(D)ICORBAUnion,(D)IForeignException,(D)ICORBAUserException should have standard UUIDs and UUID identifiers
Summary: The COM/CORBA Part A spec states that user exceptions go after return values in one place, and before return values in another. (3.2.10.3 and 4.1.3.1)
There is currently no specification for fixed-point types in the COM/CORBA mapping. I'm interested in getting this changed: how can we proceed? better still, is this work already under way??
IDL4 extends the IDL type system with int8/uint8/map/bitset/bitfield/bitmask, these all could be useful at the CORBA layer so to have guaranteed interoperability CORBA should define the CDR marshaling support for these new types
CORBA 3.4 should have support for int8/uint8/map/bitset/bitfield/bitmask/bitvalue for DynamicAny, DynamicSkeleton, Interface Repo, Any/TypeCode and other CORBA APIs related to types
RE: CCM chapters document [orbrev] 99-10-04, section 61.6.2, page 61-45.
The document citation indicates that the integrity of the valuetype –
that is, the received marshalled state – is to be preserved in an
ORB-mediated operation, even if that valuetype cannot be unmarshalled,
either partially (truncated) or at all. If this value is then passed to
another operation, the original marshalled state is to be transmitted.
This preserves the transmitted object in its entirety, regardless of
local implementation concerns. This is obviously necessary for bridges
or event processing, such as through the notification service.
So the question arises, what happens if you have a partial (truncated)
unmarshall and the recipient application changes the local state of the
valuetype through its attributes or local operations? How can/will you
even know the state was changed? Do you ignore the changes and send the
originally received marshalled stream, send only the new valuetype even
though it is a truncation of the original, or "merge" the new values for
the unmarshalled part followed by the original appended data for the
truncated part? Should this third option be possible through an
explicit ORB call – that is, the application is responsible to identify
the change in state to the ORB? I assume that the semantics of
"truncatable" must come to include the understanding that data in the
truncatable portions may not be contextually dependent on the inherited
parent of the valuetype.
As a further question, is there a reason why this semantic
interpretation should not be extended to be a general requirement rather
than only with respect to transmission of anys? My experience has found
that passing anys tends to be expensive and is avoided where it can be.
A more general interpretation permits transmission of a comprehensive
data structure among intermediate agents that only use (unmarshall) the
information they need.
Suggested changes to the AssemblyFactory interface.
AssemblyFactory Issues.
1. Ease of use Issue. After the create operation is performed, one is
force to call lookup to get the Assembly that just got just created. Why is
a cookie returned by the create operation instead of an Assembly? Is the
reason because of security? If the interface were more open this would
still allow a secure implementation to be implemented.
Suggested change is to return an Assembly instead of a Cookie. Change
destroy operation to take in an Assembly parameter instead of Cookie.
Change lookup operation to take in a name parameter. These changes
make it consistent with the other CCM interfaces, such as Container,
KeyLessCCMHome, ComponentServer, and ServerActivator.
2. Multiple users Issue. For multiple users, how does a client know what
assemblies are created. Add a get_assemblies operation that returns a list
of assemblies. These changes make it consistent with other CCM interfaces,
such as Container, ComponentServer, and ServerActivator.
3. User-friendly identifier for Assembly Instance issue. Add an input
name parameter that can be assigned to the Assembly instance that gets
created. Add a read only name or label attribute to the Assembly interface.
in the BaseIDL there is a class StructDef which has the Attribute members of
Type Field. How can I model a IDL struct with more than one entry?
I think there should be a aggregation from StructDef (1<>----->*) to the Field
class (Page 8-10 of the CCM Spec).
*) With EnumDef there is the same problem, I guess a assotiation from EnumDef to
string (1<>----->*) would solve it (Page 8-10 of the CCM Spec).
*) Also with ExceptionDif and its attribute members (Page 8-11 of the CCM Spec).
module Components
{
valuetype Cookie
;
};
1. Naming style used in this definition violates rules defined in
"OMG IDL Style Guide" (ab/98-06-03).
2. Naming style used in this definition is inconsistent with other parts
of the CCM IDL, for example:
module Components
{
valuetype PortDescription
;
valuetype FacetDescription : PortDescription
;
}
Using the static invocation interfaces, it is possible to receive a
valuetype that derives from the one declared in an operation, as long
as a valuetype factory is known in the receiver (truncation is not the
issue here).
The same is not possible at the DII: When creating the request, the
caller must indicate what type it expects, by forming a named value.
Conceptually, the typecode in the named value should be the typecode
of the base of all acceptable value types. However, if the ORB
receives a derived type, it has no means of unmarshalling it - even if
the application has knowledge about the derived type.
What is missing is an interface to make typecodes of value types known
to the ORB; with those, the ORB could then understand the CDR of the
valuetype, and create a DynAny when asked to.
Due to the way that custom values are marshaled it is
nearly impossible for a bridge (or other process) to
process/forward GIOP messages which contain custom
marshaled values (which the bridge has no compile/run-time
knowledge of).
The main issue is that the "alignment" of the
custom marshaled data is unknown, other than the
data will always start on a four byte boundry due
to the presence of chunking.
Should/could the value encoding format be changed to
enforce eight byte alignment for all custom marshaled
data (chunks)? This would allow bridges and other
tools to process->[store]->forward messages containing
custom values.
Summary: How does this operation work?
Summary: Several of the bullets in section 11.1.5 are unclear.
Summary: Is it correct to offer the vanilla collection methods and add a new set for keyed access?
Summary: When reading a stream, there is no way of telling where context (limited to calls to begin_context and end_context) end and a new one starts.. Resolved problem with new "tag-byte" 0xFF.
I am a little confused as to the scope of the BiDirPolicy in the 2.4.1
specification. Is the BiDirPolicy a POA policy, an ORB policy, or both? In
section 15.8 paragraph 5 on page 15-55, the specification states:
"If the client ORB policy permits bi-directional use
of a connection, a Request message should contain an IOP::ServiceContext
structure in its Request header, which indicates that this GIOP connection
is bi-directional."
but then in section 15.9 paragraph 4 on page 15-59, the specification
states:
"In the absence of a BidirectionalPolicy being passed in the
PortableServer::POA::create_POA operation, a POA will assume a policy value
of
NORMAL."
but then again in the next sentence the specification states:
"A client and a server ORB must each have a BidirectionalPolicy with a value
of
BOTH for bi-directional communication to take place."
Could someone clarify for me what the intent for the scope of the policy was
here, and what the rationale behind that decision was? We are currently
reviewing how to use/fix BiDirIIOP in our submission to the firewall RFP,
and I would like to understand the issues regarding the scope of the BiDir
policy.
The creation of a TcUser interface with multiple associations does not have
a standardised way for destruction.
Proposed solutions
1. Add a destroy() method to TcUser
2. Explicitly state in the RFP that the CosLifeCycle::destroy() method should
be called once the object is no longer required.
Summary: Problem: It is not necessary to have uniqueness of Invoke Ids within a dialog.
The invoke id can be reused as soon as it is no longer active.
Proposed solution: Put in text following the discussion of management of invoke
ids in the TC spec.
In section 4.2.5 of the CCM spec formal/02-06-65, it is said that "Servant lifetime policies may be defined for each segment within a component", but there is no way to do it. Lifetime policy is declared in the CCD descriptor of the component, as an attribute of the "servant" XML element, and is implicitly applied on all the segments of the component(when it is segmented) !
Suggested resolution: to leave the servant element as it is, expressing a DEFAULT lifetime policy, and to add the same servant element as an optional child of the segment element. This will specify the lifetime policy of the segment and override the defautl one. DTD has to be changed as follows :
<!ELEMENT segment
( segmentmember+
, containermanagedpersistence?
, extension*
>
<!ATTLIST segment
name CDATA #REQUIRED
segmenttag CDATA #REQUIRED >
becomes:
<!ELEMENT segment
( segmentmember+
, servant?
, containermanagedpersistence?
, extension*
>
<!ATTLIST segment
name CDATA #REQUIRED
segmenttag CDATA #REQUIRED >
In OMG document formal/02-06-65, in section "1.3.3 Component Body", there
is this text:
"Declarations for facets, receptacles, event sources, event sinks,
and attributes all map onto operations on the component's equivalent
interface. These declarations and their meanings are described in
detail below."
In the following sections, I see facets, receptacles, event sources,
and event sinks described, but I see no mention of attributes.
It would be usefult to have an example of attributes in an appropriate
place, as outlined by section 1.3.3.
In section "1.10 Configuration with Attributes", I see that configurators
are described, but I see no example of using attributes directly
to configure a component.
It would be very useful to include a small example to illustrate
how to configure a component directly by using attributes.
Diego Sevilla Ruiz <dsevilla@ditec.um.es> gave this
C++ example on the CCM mailing list ( http://moriarty.dif.um.es/mailman/listinfo/ccm ):
======================================================
component Whatever
{ attribute long cacheMaxKb; };
home WhateverHome manages Whatever
{
};
// C++
WhateverHome_var weh = // obtain ref
Whatever_var we = weh->create();
we->cacheMaxKb(200);
we->configuration_complete();
======================================================
I don't suggest that this example be used verbatim,
but a similar example would be useful to have in the
CCM spec.
Summary: Description:
Clarification is needed on the passing of credentials.
Section 4.7.3 states that "Since all proxies will have access to the IOR of
the target object, and the certificate of the client, they can judge whether
this client may use a pass-through connection or not." Section 4.12 states
that "When a client establishes a normal connection to a target via a
trusted proxy and uses a secure transport (e.g. IIOP/SSL), in order to
achieve end-to-end authentication, the proxy will have to forward the
client"s certificate/identity to the server." Section 4.12 implies that the
ForwardedIdentity service context will only be used when using a secure
transport, but section 4.7.3 implies that the client certificate will always
be available. In fact, the ForwardedIdentity service context should only be
used in the case of a NORMAL connection using a secure transport because
those are the only conditions under which there is a notion of trust between
a requestor and the recipient of that request. This means that the only
mechanism upon which to base a decision of whether or not to allow a
PASSTHRU connection is the source host address/port.
In section 1.1.2 of the CCM specification:
1.1.2 Ports
===========
..... The component model supports four basic kinds of ports:
Well, that list includes five things, not four.
So, is an attribute considered a port or not?
The wording in this section needs to be clarified in the CCM
specification, because it is not clear if an attribute
is a port or not.
Summary: On page 9, paragraph beginning with "Within an interface...." should read "..attributes should appear after operations..."
The following information is sent in order for the specification to
clearly state if components and local interfaces can support abstract
interfaces (the specification is confusing on this point).
CORBA 3.0.1 does not explicitely states if a component can support an
abstract interface, thus it can be considered that it is possible. If so
a big problem arises as local interfaces inheriting abstract ones is
confusing in the specification.
In addition, it is neither explicitely stated that provides and uses
declarations can or cannot be of types defined through abstract
interfaces. It does not seem to make sense for a port to be an abstract
type. Facets will never be used by value, and an operation cannot
(should not) return the reference of a facet or a valuetype (which would
be in favor of provides to be defined using abstract interfaces).
Consider the following definitions which are correct regarding
formal/02-12-06:
/* omg idl3 */
abstract interface I
{ void foo () ; } ;;
interface C : Components::CCMObject, I { } ;
local interface CCM_C : I { } ;
According to formal/02-12-06, the last line may not be correct. Local
interfaces may not inherit abstract interfaces (section 10.5.28). (I use
may as it is confusing and can lead to various understanding of the
spec.)
1. State in the CORBA 3.0.1 that components cannot support abstract
interfaces. In favor: Could ne considered as a minor change. Against: a
component reference cannot be returned by an operation that can return
an object by value or by reference. This solution looks cleaner that the
second one from a software engineering point of view.
2. Clearly state that components and local interfaces can support
abstract interfaces. This use may be surprising from a software
engineering point of view, but may be important for some users. This
bring back the debate "quality vs powerfulness".
In any case, I think it should be clearly stated if local interfaces may
or may not inherit abstract ones.
Summary: When multiple union labels resolve to the same union member, the property accessor for that union member has an additional (optional) argument
Summary: The following methods should be added to DIForeignComplexType, IID should be changed: string type_name(); string scoped_name(); string_repository_id(); more details in corresponding archive file
Summary: Third bullet should read:"...are sorted based upon interface name.." Last bullet should read "..the operations introduced in the current interface are mapped last and ordered.."
Summary: Example of "on both machines" does nor correspond to the diagrams. Add "on an intermediate machine" to sentence
Identifier (FPI).
These FPIs are required for the CAD, CSD, CCD and CPF DTDs.
Proposed resolution:
Adds the CCM DTDs on the OMG web site and adds the following text in the specification:
The CORBA Software Descriptor must refer to the DTD using the following statement: <!DOCTYPE softpkg PUBLIC "-//OMG//DTD CORBA Software Descriptor 3.0//EN" "http://www.omg.org/dtd/softpkg_3_0.dtd" />
The CORBA Component Descriptor must refer to the DTD using the following statement: <!DOCTYPE corbacomponent PUBLIC "-//OMG//DTD CORBA Component Descriptor 3.0//EN" "http://www.omg.org/dtd/corbacomponent_3_0.dtd" />
replace
<!DOCTYPE corbacomponent SYSTEM "corbacomponen.tdtd">
with
<!DOCTYPE corbacomponent PUBLIC "-//OMG//DTD CORBA Component Descriptor 3.0//EN" "http://www.omg.org/dtd/corbacomponent_3_0.dtd" />
The Component Assembly Descriptor must refer to the DTD using the following statement: <!DOCTYPE componentassembly PUBLIC "-//OMG//DTD Component Assembly Descriptor 3.0//EN" "http://www.omg.org/dtd/componentassembly_3_0.dtd" />
replace
<!DOCTYPE componentassembly SYSTEM "componentassembly.dtd">
with
<!DOCTYPE componentassembly PUBLIC "-//OMG//DTD Component Assembly Descriptor 3.0//EN" "http://www.omg.org/dtd/componentassembly_3_0.dtd" />
The Component Property File must refer to the DTD using the following statement: <!DOCTYPE properties PUBLIC "-//OMG//DTD Component Property File 3.0//EN" "http://www.omg.org/dtd/properties_3_0.dtd" />
Summary: There are a bunch of code samples that use a different font than the rest of the document
Summary: Section 4.1.18.6 Table 4-14: A few of these mappings don"t seem to make sense (i.e. the meaning of the different exceptions in each object system is much different
The description for Object::get_policy (in the Core, section 4.3.7.1)
states:
"The get_policy operation returns the policy object of the specified
type (see Policy Object on page 4-32), which applies to this object. It
returns the effective Policy for the object reference. The effective
Policy is the one that would be used if a request were made."
For a policy defined by PI, I don't see anyway for the ORB to implement
this operation correctly, since there isn't any way for it to know how
to properly resolve any client override policies with the policy
information stored in the IOR.
When a invocation is actually in process, the ClientRequestInterceptor
can use the information available in the ClientRequestInfo interface to
get the client override and the IOR policy data and do the correct
resolution before continuing with the request. However,
Object::get_policy() needs to do the same type of thing, but it has no
invocation context to do it in.
I think the same problem also applies to the implementation of
ClientRequestInfo::get_request_policy().
I think we need a new interception point to do this work. Something
like:
local interface PolicyInterceptor
{ any determine_effective_policy(in PolicyInfo pi); };
local interface PolicyInfo
{ readonly attribute Object target; readonly attribute Object effective_target; readonly attribute IOP::TaggedProfile effective_profile; IOR::TaggedComponent get_effective_component (in IOP::ComponentId id); IOP_N::TaggedComponentSeq get_effective_components (in IOP::ComponentId id); };
If this turns out to be an acceptable solution, then we should also
change ClientRequestInfo to:
local interface ClientRequestInfo : RequestInfo, PolicyInfo
{ ... };
and remove the redundant operations.
Issue on Document orbos/2000-08-04, CSIv2 Joint Submission
Document: orbos/2000-08-04, CSIv2 Joint Submission
Subject: Identity Assertion of X.501 Distinguished Name is not good enough
Severity: Critical
Summary:
The Identity Token union contains a branch that is labled
X501DistinguishedName. A single DN is insufficient to identify an entity.
A path of X501Distinguished Names is needed instead. Also, other concerns
about naming types are raised.
Discussion:
An X.501 Distinguished Name is insufficient to identify a single entity.
The name must be accompanied by the name of its defining authority. In the
case of public key certificates, the names certificate authority must be
included.
The chain of DNs in this manner must be included up to a root authority
to have any definitive meaning.
This approach will be consistent with the client sending a X.509
Certificate Chain. A DN path is actually defined by the certificate chain.
Furthermore, the DN path should only come from an authority that is
acceptable to the server, whether it be a DN path, or an X.509
Certificate Chain.
The IOR should list the acceptable authorities and their name types.
It is becoming more an more evident that we must invent GSS_NT_Export_Name
types for X.509 Certificate Chain and X.501 DN path.
The SAS_ContextSec structure should list, instead of the naming types,
the naming authorities!
We shall assume that the name types of the asserted identities shall be
the same as the name types of listed naming authorities in the IOR.
This is the only way this procedure can work Interoperable and without
the client Guessing what it should do.
Suggestions:
An OID for an X.509 Public Key Certificate Chain shall be defined for a
GSS Export Name, and its encoding will be a ASN1 sequence of and X.509
certificate with the least significant certificate first.
An OID for an X.501 Distinguished Name Path shall be defined for a GSS
Exported Name, and its encoding shall be an ASN1 sequence of an X.501
Distinguished Name with the least significant name first.
To avoid having the target put a whole certificate chain in its IOR,
a new OID shall be allocated in which its GSS Exported Name encoding is a
X.501 DN path, but stipulates that the client should send a certificate
chain from that named authority. This GSS Exported Name shall only be
used in IORs and not for transmission in the Identity Token.
typedef Security::GSS_NT_ExportedName NamingAuthority;
struct CompoundSecMech
{ Security::AssociationOptions target_requires; IOP::TaggedComponent transport_mech; sequence<ServiceConfiguration> privilege_authorities; sequence<NamingAuthority> naming_authorities; };
The CORBA 2.3.1 specification does not cover the interaction between the
DynValue interface and custom valuetypes.
I frankly don't see any way that the DynValue interface can possibly
correctly handle a custom valuetype when the ORB does not have a factory
for the type. It is theoretically possible for DynValue to properly
work with a known custom type, but the implementation strategy could not
be based on parsing the marshalled form of the valuetype.
So, there are two issues that need to be addressed:
1. Should DynValue handle custom valuetypes at all?
2. For the set of custom valuetypes that it cannot handle, what
exceptions should be raised by each operations?
Issue: The association of entity component primary key and PSS key is unclear. There is only one attribute as the primary key in the CCM entity component, PSS has no primary key. An entity can be identified uniquely by the PSS key, but currently PSS permits several keys, and each PSS key can be composed of several attributes. Consequently, it is difficult to establish association between entity component primary key and PSS key, and the create and find methods can not to be mapped to the corresponding methods of PSS.
The draft CORBA 2.3 spec (ptc/99-03-07) does not deal with a potential deadlock situation. If an object is explicitly deactivated with POA::deactivate_object(), the object remains in the active object map until all operations pending on the object have completed. Any attempts to reactivate the object (implicitly via a ServantActivator, or explicitly via activate_object_with_id()) must block until the pending invocations have completed. However, if a servant's implementation of an object deactivates the object and then (directly or indirectly through a call to another collocated object) reactivates the object, the invocation will deadlock.
Summary: Existing software based on messages with ASNI format description and a future version based on IDL. Does anybody know something about such a compiler?
Summary: There is a bit of confusion in the specification concerning the
exceptions that are possible during the internalization process.
The internalize operation can raise CosLifeCycle::NoFactory and
StreamDataFormatError exceptions. This operation calls the
internalize_from_stream operation of the Streamable interface that can
raise the CosLifeCycle::NoFactory, StreamDataFormatError, and
ObjectCreationError exceptions.The last paragraph on page 8-20 (August
1997 release) states that the ObjectCreationError and
StreamDataFormatError exceptions of the internalize_from_stream
operation originate from the read_object amd read_<type> operations on
the StreamIO interface. However, the ObjectCreationError is not raised
by any of these, according to the IDL in figure 8-6.
The CCMObject interface contains numerous operations for generic
connection management (in addition to the type-specific operations
defined by equivalent IDL for a component).
However, there's a separate set of "connect" and "disconnect"
operations for each kind of port, i.e., receptacles, emitters and
publishers. This is inconvenient for generic software that treats
ports generically, such as the deployment infrastructure in an
implementation of the Deployment and Configuration specification.
The set of operations might even get larger in the future, when
Streams for CCM becomes available.
I thus propose to add generic "connect_feature" and "disconnect_
feature" operations that is able to interconnect compatible ports
regardless of the type of port.
Proposed resolution:
In section 1.11.1, "CCMObject Interface," add the following two
operations to the CCMObject interface:
module Components {
interface CCMObject : Navigation, Receptacles, Events
;
};
Add the following explanation to the same section:
connect_feature
The connect_feature operation connects the object reference
specified by the connection parameter to the component feature
specified by the name parameter. The feature must be either a
receptacle, emitter or publisher port.
If the feature identified by the name parameter is a receptacle
port, the connect_feature operation acts equivalent to calling
the connect operation on the Receptacles interface.
If the feature identified by the name parameter is an emitter
port, the connect_feature operation acts equivalent to calling
the connect_consumer operation on the Events interface. A nil
"cookie" value is returned.
If the feature identified by the name parameter is a publisher
port, the connect_feature operation acts equivalent to calling
the subscribe operation on the Events interface.
If the feature identified by the name parameter is neither
receptacle, emitter or publisher port, or if the component does
not have any feature by that name, the InvalidName exception is
raised.
disconnect_feature
The disconnect_feature operation dissolves the connection
identified by the ck cookie to the component feature specified
by the name parameter.
If the feature identified by the name parameter is a receptacle
port, the disconnect_feature operation acts equivalent to calling
the disconnect operation on the Receptacles interface.
If the feature identified by the name parameter is an emitter
port, the disconnect_feature operation raises the InvalidConnection
exception if a non-nil cookie is passed as the ck parameter;
otherwise, it acts equivalent to calling the disconnect_consumer
operation on the Events interface.
If the feature identified by the name parameter is a publisher
port, the disconnect_feature operation acts equivalent to calling
the unsubscribe operation on the Events interface.
If the feature identified by the name parameter is neither
receptacle, emitter or publisher port, or if the component does
not have any feature by that name, the InvalidName exception is
raised.
I develop CosConcurrencyControl service for JacORB, but I don't
understud from specification how client can destroy LockSet.
When I create Object which allow concurrency access, I create LockSet.
When I destroy this Object I must destroy LockSet, because it's garbage,
bu no way for this does not exists.
As solution of this problem, I add in CosConcurrencyControl.idl next
changes:
exception LockExists{};
and method
void destroy raises (LockExists);
in interface LockSet.
As I undestand this changes is wrong, but have you idea about desigion
this problem.
Summary: in section 4.9.2 last paragraph:
"Such a ProxyPushSupplier is guaranteed only to invoke operations defined in
interface I. Any event on the channel that does not correspond to an
operation defined in interface I is NOT passed on to the consumer. Such a
ProxyPushSupplier is therefore an event filter based on type".
My question is: if we have this proxy to block generic calls (push() in this
case) why does TypedPushConsumer inherit CosEventComm::PushConsumer, whish does
support push() ? Why should the generic calls like push() be blocked anyway
if (according to 4.7.1) TypedPushConsumer should support both typed and generic
models ?
Is there something I am misunderstanding ?
Summary: Issue regarding implementation of the Query IDL specifications on a Java ORB. Issue involves implementing following idl definition from the CosQueryCollection module
Summary: It is not believed that the spec ever defines what a "malformed" PropertyName is. The closest definition is in para on page 26, section 5.1.1.2 and is not much help
Summary: I understand the params to be name value pairs of columns and the values for the
selection, update, delete, insert criteria
what is in the query? I would think if this is the whole query why would you
need the params??
Summary: Need the OQS have any interface with the POS? I don"t see how the two can be interfaced.
Summary: Need all operations on the Collection be made using the SQL-92/QOL-93? If so, how is it possible to handle flat file datastores?
Issue: It is good to let CCM component definition can have operations directly, but not indirectly by "supports" keyword. The "supports" adds too much complexity when defining a compoment and compiler implementation
Summary: Is there a way that I can delegate the functionality of the Iterators to the RDBMS itself?
Summary: Section 11.4.2 para. 3 says that FieldValues may be NULL. What if my datastore is a flat file without a concept of NULL. Does NULL take on the value of empty string for flat files?
Summary: Is it not possible that objects in a collection could have changed in between calls to the iterator accessing them?
Summary: When using iterator operations like adding, inserting, etc., how are changes reflected back to the datastores?
Summary: Appendix D states that a challenge structure consists of the MD5 of the arguments, but does not specify how the arguments are laid into a stream of octets for the MD5 algorithm.
Summary: Clarifications on interfaces which support QueryableCollection.
Summary: Can an interator have a next_n()? Or is this supposed to be via subtyping the interface?
Summary: Can an iterator "reset()" throw an exception such as IteratorPositionInvalid if it is wrapping a db cursor which has no facility for reset?
I'd like to report an issue that exists in both the CORBA Component Model Specification (formal/06-04-01) and also the Lightweight CORBA Component Model specification (ptc/04-06-10) please.
In section "6.11 Component Inheritance" of formal/06-04-01 there is the statement : "A derived component type may not directly support an interface."
This same statement is made in "1.11 Component Inheritance" of ptc/04-06-10 and in "3.17.2.3 Component Inheritance" of the CORBA 3.0.3 spec (04-03-02).
But, in both "6.3.2.4 Inheritance and supported interfaces" of formal/06-04-01 and "1.3.2.4 Inheritance and supported interfaces" of ptc/04-06-10 there is the following:
"For a component declaration with the following form:
component <component_name> : <base_name>
supports <interface_name_1>, <interface_name_2>
;"
The above example is giving equivalent IDL for a declaration that the preceding statements regarding component inheritance say is not permitted. It should presumably be removed.
Summary: Where are the destroy methods on the Iterator or on the Collection?
Summary: How does the Iterator know to become invalid when the Collection is altered?
Summary: What does the IteratorPositionInvalid exception mean? Is it only that the user has cycled through the list elements and that no reset() has been issued?
Summary: On CollectionObj->remove_element_at(IteratorRef), how does the collection "know" the index?
Summary: How do IteratorObjs and CollectionObjs share state?
Summary: Using collection factories, can you add multiple elements at once, and/or add new create methods?
Summary: I assume that we are allowed to scope membership in a collection via an interface test (e.g, must be rooted off of Collection) and throw an InvalidElement exception?
Summary: Circular refrences to CosStream and CosCompoundExternalization,
i have not been able to find an idl compiler that can compile
these modules.
as aside, i have foud many syntax errors in the IDL you provide
as CORBAServices98-03-02.idl, in many of its interfaces, there are
typos, and it is not correct with the specifications.
Summary: The IDL for internalizing roles could be optimized to reduce the size of the externalized data as well as simplifying the implementation
Summary: In lock duration of Section 7.1 there are two descriptions. The role of the clients is vague to me
Summary: There is inconsistency regarding which model ConcurrencyControl needs to support
Summary: In the specification, "Related lock sets" appears only in "create_related()" and create_transaction_related()" Where do I use these methods
Summary: When internalizing a relationships, how do the "shallow" nodes and roles get included?
Summary: Role in new node are disconnected It"s role of read_graph to correctly establish new relationships. How is that accomplished?
The CCMHome interface does not provide a mechanism for locating the container that created a home. The lack of a method to get a home's container is inconsistent with the rest of the CCM model. Furthermore, this method would be very useful as it would provide a means to navigate from a component to its ServerActivator, which is currently not possible.
Resolution:
Replace the following text in formal/02-06-05 on page 1-41
interface CCMHome
{ CORBA::IRObject get_component_def(); CORBA::IRObject get_home_def (); void remove_component ( in CCMObject comp) raises (RemoveFailure); };
with
interface CCMHome
{ CORBA::IRObject get_component_def(); CORBA::IRObject get_home_def (); void remove_component ( in CCMObject comp) raises (RemoveFailure); Container get_container(); };
and add the operation description
get_container
The get_container operation returns a reference to the Container object that created this CCMHome
Summary: When Node::externalize_node is called, is node responsible for externalizing related object? What happens, if related object isn"t a CosStream::Streamable?
Summary: The second pass of operation is to "cause the node and all of its roles" to be copied. How do you get related object of the NEW roles to be the New Node?
Summary: If CosGraphs::deep propagation value is encountered, is the Node"s related object supposed to get copied, too. What if LifeCycleObject delegates to CosCompoundLifeCycle::Operations?
Summary: It seemed more useful for the concurrency service to be non-IDL, and just based on local thread identification.
Summary: For a non-transactional client who wants to get a LockCoordinator, what input values should one use for the "which argument?
Summary: CosTransactions Coordinator does not have any IDL method to remember LockCoordinator. How does it know what Lock Coordinators should be informed to drop locks?
Summary: It is not clear whether CosTransactions::Coordinator is responsible for freeing locks at the end of a transaction.
Summary: In a non-transactional lock request, the lock identity is supposedly based on thread ID. How can the server code get the client thread ID when they may be on different machines?
Summary: If the ORB suffered a communication failure while LockSet::lock() is being called, how does the client know if the lock was granted or not?
Summary: If the ORB times out while LockSet::lock() is being called, how does the client know if the lock was granted or not?
Summary: What happens when multiple calls are made to Stream::externalize() at the top level? Does the stream contain all those objects, and how does a client discover this?
Summary: The standard stream format should specify that it is portable across different ORBs and hardware, but not across streamable object implementations whch use different semantic content.
Summary: The standard stream data format does not define tags to be used to identify the beginning and end of a context.
Summary: The Externalization spec does not state how a stream implementation is to discover that a context exists when internalizing an object.
Summary: Several LifeCycle methods take a "key" argument, but do not clarify whether multiple NameComponents are allowed in a key, if ordering matters, etc.
While editing the changes from the Firewall RTF into Core Chapter 15 I noticed a
curious thing in the Firewall RTF report. It seems that the RTF chose to re-use
a PolicyType id for a new and different policy while obsoleting a published one.
The PolicyType Id in question is 37, which used to be BIDIRECTIONAL_POLICY_TYPE
associated with the structure BiDirPolicy::BidirectionalPolicy
and is now proposed to be BIDIRECTIONAL_INVOKE_POLICY associated with structure
BiDirPolicy::InvokeMode.
This appears to me to be a dangerous practice, since the fact that the published
standard may have been implemented by someone using the obsolete definition.
I would like to suggest that the recommendation of the Firewall RTF be modified
leaving the published policy type and policy as is with a note stating that it
is obsolete, and a new policy type id be allocated for
BIDIRECTIONAL_INVOKE_POLICY.
There are security tags mentioned in the SIOP
document but no definition of how to use them is ever given.
Align SIOP definition with GIOP 1.3 of CORBA2.3.1.
Problem: SIOP is currently defined to carry GIOP messages with version 1.2
and lower.
Proposed Solution: Allow GIOP 1.3 messages to be transported.
As far as I can see when using the 1988 TCAP version the submission
does not seems to handle the case where the subsystem number (SSN) is
used to seperate between several TC-User protcols per GT (typically
protocols from different vendors). The naming tree proposed for the
1988 TCAP protocol can only store one TC-User protocol per GT, that is
only one DefAc per GT can be stored (see section 4.3.1.1 in the
proposal).
The use of the SSN number for this purpose is explained in chapter
4.2.3 in the second paragraph in the ITU Recommendation Q.775.
It should be easy to fix this as one only have to use the same naming
tree structure proposed for the 1993 TCAP version in these cases.
As the interfaces currently stand, there is a minimum of 5 CORBA calls
per transaction
1. either TcPduProvider::get_dialog_id
or TcPduProviderFactory::create_tc_pdu_provider
2. TcPduProvider::invoke_req
3. TcPduProvider::begin_req
4. TcPduUser::end_ind
5. TcPduUser::result_l_ind
Given that a CORBA call is about 1 millisecond on average,
this makes for a highly inefficient interface from a high-performance
perspective,
and renders the distribution of these interfaces undesirable, and the
use of the TcPduProvider/User interfaces unlikely in a real system.
Ideally this should be reduced to a minimum of 2 CORBA calls, one for a call
going out, and one for the reply.
The Specification Translation from ASN to IDL does not appear to
require that each OPERATION carries a NoMoreAssociations exception.
This is necessary if the use of DialogFlowCtr can implicitly create a new
association during a call on an object that supports multiple associations.
There is an assumption in the design that there is a one to one
association between a TcPduUser and a TcPduProvider
during a TC Session. This is enforced in the IDL through the
call
TcPduProvider::get_dialog_id()
and the factory call
TcPduProvider create_tc_pdu_provider(
in TcPduUser user,
out DialogId d_id)
raises(NoMoreDialogs);
Since the TcPduUser reference (or some sort of reference)
is not passed over in get_dialog_id(), the only conclusion
is that the reference has to be the one passed over in the
create, and therefore that each TcPduProvider is tied to
one and only one TcPduUser.
The idl is
struct TcLinkedContext
{ DialogFlowCtr ctr; InvokeId ivk_id; InvokeId lnk_id; AssociationId a_id; };
While it is correct that these are both of the same type, the name of the type
could be confusing.
Summary: Description:
There may be some network topologies where the traversal
algorithm is not sufficient for a firewall to find a server. This is due to
an unstated assumption that all addresses within the outermost inbound
firewall are addressable from the outermost inbound firewall. Consider for
example the following topology:
| -----*Firewall B*-----Network B Internet ----- |
| -----*Firewall C*-----Network C |
Service Network (DMZ)
Assume that the addresses on the service network are
globally routable addresses, Network B uses RFC 1597 addresses and Network C
uses RFC 1597 addresses. This topology could be possible, say for a
government agency that has sub-agencies that share some resources (service
network) but maintain separately administrated networks. In this case the
outermost inbound firewall for a server on Network B or C is Firewall A.
However, when new target is invoked on Firewall A, it won"t know from the
host address whether to open a connection to Firewall B or Firewall C.
Proposed Solution:
There are several possible solutions to this problem:
1) Explicitly state the assumption described in the
description section
2) Mandate that implementations allow for the
configuration of the next inbound firewalls
3) Mandate that servers on Network B or C in such
configurations use Firewall B or C as the outermost inbound firewall.
There may be other solutions to this problem. These were
the ones that immediately presented themselves.
Summary: Issues 7-9 refer to problems with routing and/or traversal of firewalls.
These problems arise due to a lack of required information about firewall
topology in the IOR. Most of these problems could be eliminated if it were
required that the servers place the entire chain of server-side firewalls
that must be traversed into the IOR. Specifically, the first paragraph in
section 4.8 should be modified so that the entire chain of firewalls is
always required, or those situations in which it should be required should
be stated. Some of those situations are outlined in the following issues.
Specifically, it is incorrect to state that "strictly it is only necessary
to convey information on the outermost inbound firewall."
Summary: Description:
Reusing PASSTHRU connections by the firewall should be
expressly disallowed by the specification. With the current wording of the
specification, a vendor may attempt to reuse PASSTHRU connections. While
this will work in some cases, it is not interoperable because there are
cases when reusing PASSTHRU connections will not work. For example,
connection reuse when SSL is in use will not work because all of the
information that distinguishes data streams is contained within the
encrypted portion of SSL packets. If two SSL connections try to share a
single connection, there will be an SSL protocol failure because the server
will not be able to separate the data streams before it processes the SSL
packet.
Summary: Proxified object references obtained by invoking
new_target() should not be passed between ORBs. Instead the original IOR
containing the target and firewall information should be passed. The reason
for this is that the IOR does not contain enough information to inform the
second ORB whether or not it is a reference for a NORMAL or PASSTHRU
connection, or whether it is a proxified reference at all. This issue is
very tightly related to issue 2, so we will describe how it fails for each
of the possible solutions to the PASSTHRU establishment problem outlined in
issue 2.
One solution for which this is not an issue is the solution
of using a port per target. However, this is not a viable solution because
it is restrictive and will fail under moderate load. For solution 1 we
don"t have a problem because no object reference is returned by
set_target(), therefore it cannot be passed to other ORBs. For solution 2
we have a problem because the second ORB won"t know whether it is supposed
to first invoke start_passthru() or simply start making requests. Therefore
it may get a connection type that it wasn"t expecting. For solution 3 we
have a problem because once the original connection has been made, the
reference is invalid. This occurs because the firewall does not have
knowledge of how many clients are expected to try to connect to that target,
and it may attempt to claim that port for reuse before another client has
connected.
Proposed Solution:
The passing of object references obtained by invoking
new_target() should be expressly prohibited by the specification. One
example is, "The object reference returned by new_target() may not be passed
to another client. Instead the original reference that was passed as the
argument to new_target() must be passed to the second client, and the second
client will follow the rules of the traversal algorithm to reach the desired
target."
Summary: Description:
The specification does not outline a specific method by
which to obtain the initial reference to the GIOPProxy object. We believe
that an interoperable solution for obtaining this initial reference is
needed in order to insure that all implementations will be able to be
correctly configured to contact all other implementations.
Summary: OMG document orbos/98-07-03, section 4.7.4 under new_callback page 4-16,
the first paragraph reads
When the client side object adapter creates the object reference for the
callback object, it may invoke the
new_callback operation on the outermost inbound GIOP Proxy on the server
side and pass the callback object as the argument.
Say, there are no client-side firewalls and there is only one
server-side GIOPproxy firewall.
1. how does the object adapter or the client orb get access to the IOR
of the GIOPProxy object ???
2. how does the object adpater know that the object that is being
created/instantiated will be used as a callback
object ??
Does POA provide any m
Summary: Section 4.7.4 - description of new_target operation.
The first para states:
"The new_target operation informs the firewall that it should prepare itself
to
receive requests destined for the specified target. The object returned
from this
operation is the destination on the firewall to which a request on the
target should be
sent i.e. the object_key in the return object should be used in the GIOP
request header."
and the last para says:
"The object returned by the new_target operation must contain an object key
which
allows the proxy to uniquely identify the target. A client is not required
to open a new
connection to the proxy server, even when the target object(s) are located
in different
servers."
The last sentence implies that the IOR returned from the new_target has the
same host/port number as the GIOPProxy. This may not be true. For example if
a firewall is load balancing across ports and network interfaces, the
host/ports may be differnt, and in this situation a new connection is
required.
Summary: The description of firewall traversal in orbos/98-07-03 4.11 has some
significant unstated assumptions, and prescribes an algorithm that has
several flaws.
In orbos/98-07-03 4.11 it says: "A client will determine if it needs
to go through a firewall to make a request on the target object. If
the client is in the same domain a direct invocation can be made. The
client can determine this be examining the host address information in
the target IOR." This assumes that the enclave structure maps to host
addresses in some way known to all clients. This needs to be made more
explicit.
Summary: In orbos/98-07-03 4.9 it says "However, it is desirable to provide a
portable means by which the object implementor can decide whether an
object could be accessible through a firewall. The following POA
policy is defined for this purpose:" but this policy can at most
control what components are included in references created by the
POA. Since the references do not have any mechanism to defend against
forgery, exclusion of a FirewallMechanism component does not prevent
access through a firewall. If an attacker obtains some other reference
with the FirewallMechanism component(s), it can convert a reference
created under NO_EXPORT into the reference that would have been
created under EXPORT.
The description of the policy needs to be changed to make it clear
that the policy does not imply any access control enforcement. The
ability of an attacker to forge references, either by combining parts
of other references, or otherwise, should be explicitly stated as a
security issue that must be addressed by means outside this
specification.
Summary: In ptc/98-10-11 5.8.1 it says "If a client has not set up any mechanism for
traditional-style callbacks using a listening socket, then the port entry
in its IOR must be set to the outgoing connection"s local port (as
retrieved using the getsockname() sockets API call)". At IOR creation time
there may be no connection, or there may be many, so the mandated local
port may be non-existent or ambiguous.
This topic was discussed on the firewall-rtf list during Feb-Mar 1999 but
was not raised as an issue.
Summary: The remark about masquerade at the end of ptc/98-10-11 15.8 is not
explicit enough. This is an important security issue and it needs to
be made explicit that a malicious client may claim that its connection
is Bi-Directional for use with any host and port it chooses, in particular
it may specifiy the host and port of security sensitive objects.
In general, a server that has accepted an incoming connection has no
way to discover the identity or verify the integrity of the client
that initiated the connection.
Summary: In ptc/98-10-11 15.8 from the end of the fourth paragraph "any
requests from the server on an objects exported by the client to the
server via this connection will be sent back to the client on this
same connection." to the eleventh paragraph "If the client initiates a
new connection it is not foreseen here that the server can use that
connection for requests on the object exported previously." it seems
to be implied that a reference must be passed via a connection if that
connection is to be used to invoke the referenced object with
Bi-Directional GIOP.
Summary: Problem: Use UML to express relationship of interfaces.
Summary: Section number: 5
Problem: There is no way to associate more than one instance of a TcPduUser
with a GT/AC pair for incoming SS7 messages.
Summary: Section number: 5.4.4
Problem: There is no way to send dialogue data in a continue confirm.
Summary: Section number: 6.2.2
Problem: sccp_version should be changed to SIOP_version. Also the word
"agent" should be changed to "server."
Summary: Section number: 6.1
Problem: Should SIOP version number start with 1.2?
Proposed solution:
Rationale: This would allow a quick recognition of the highest GIOP version supported by
this version of SIOP.
Summary: Section number: 6
Problem: Could SIOP be changed to 7IOP, pronounced "seven-up"?
Proposed solution:
Rationale: The S in SIOP may be mistaken for Security.
Summary: Section number: Fig. 27
Problem: Shouldn’t GwTcPduHandler be replaced by GwTcPduProvider?
Summary: Section number: 7.1, page 108
Problem: Shouldn’t it be typedef string CORBA::ScopedName?
Summary: Section number: 5.4.1
Problem: DialogPortion should be a union rather than a struct. The complete IDL
is correct.
Summary: Section number: 5.2 and other sub-sections
Problem: The encapsulation BerData could potentially hold ASN.1 encoded via
other rules like PER. So is this name misleading, or too restrictive?
Proposed solution: One choice is EncodedData.
Summary: Section number: 5
Problem: Shouldn’t this section really be called TC Service Interface because it
really provides an IDL version of Q.771? Note that this requires changing the
names of various interfaces by removing the word Pdu, which should be
reasonably simple.
Summary: Section number: 4.7.1
Problem: Is it necessary to indicate that RelativeRoundTripPolicy is not
propogated to the server? Also does TC interworking require the support of the
priority policies?
Summary: Section number: 4.3.1.2
Problem: Title and text should be changed to reflect that it is dealing with creating
an association rather than initiating a dialog.
Summary: Section number: 4.2.2
Problem: There is a difference between the responder and initiator interfaces
because the initator cannot support the new association operations.
Summary: Section number: 4.2.1
Problem: The current text for DialogFlowCtr is for outgoing only. It should be
updated to reflect incoming messages from the legacy domain.
Summary: Section number: 4.2.1
Problem: Why is AssociationId a string? Should one explore the possibility of
using a combination of values supplied by both the initator and responder.
Strings do not seem to be the most scalable solution.
Summary: It should be possible to have negative invoke ids.
Summary: Section number: 4.2.1
Problem: How can we bound the range of invoke ids in the IDL? Q773 requires
invoke ids in the range -128 to 127. ROS has no limits.
Summary: Issue: 5
Section number: 3.5.1.1, item 3
Problem: We have mistakenly associated TcLinkedContext with the operation
which has the LINKED keyword rather than the actual linked operation, i.e., the
operations appearing following the LINKED keyword
Summary: Section number: 3.5.1.1, item 4 plus appropriate section of interaction translation
Problem: How to handle the sending of an empty RESULT and the reception of
such a component.
Proposed solution: Obviously no way to change the IDL from void. Need
something in the TC Repository for use by a gateway in deciding what to do.
Summary: Problem: make factory creation operations conform to the IDL style guide
Proposed solution: change the capitalization and put in underscores between
words
Summary: Problem: There is a general problem on how to specify sending an empty
Transaction PDU, such as an empty BEGIN, or an empty CONTINUE. "Empty"
means just the Transaction portion without ROS components. This problem has
to be addressed for sending an empty Transaction PDU from the CORBA side,
as well as what to do when such a PDU is received from the legacy domain.
Summary: Problem: Title does not cover the use of SS7 as signaling transport. This case is
not a TC interworking.
Summary: The submission makes no mention of HTTP tunnelling. There are many
firewalls which filter HTTP, FTP and email related traffic. Is the
omission based on the assumption that such firewalls will comprise
a CORBA conformant GIOP proxy on a well-known IIOP port? The Bi-
directional GIOP specification suggests not (section 5-1,
paragraph 2).
Is tunnelling regarded as an implementation matter? If so there
will be important issues such as relaxing GIOP/HTTP mapping and
security which the specification should clarify.
Summary: The issue comes from the following configuration:
Client - Tcp Firewall - Giop Proxy Server - Server
The server"s IOR will contains a FirewallComponent, which includes two
FirewallMechanisms - a TcpFirewallMechanism and a GIOPProxy. The issue
comes when the GIOP Proxy has multiple profiles, which may have different
host/port, and the TcpFirewallMechanism can only have one host/port. Does
that mean for any host/port specified in one of the GIOP Proxy "s profiles,
you always to connect to the host/port specified in the
TcpFirewallMechanism? This seems unrealistic since the Tcp firewall usually
provide a one-to-one mapping.
Summary:
I would like to get some clarification on the PASSTHROUGH/Untrusted Proxy
issue.
In page 4-45, the spec says "It is possible to support pass-through through
multiple proxies. For example if in the above example there was another
proxy B2 between B and C, during processing the new_target operation from A,
B can try to establish a pass-through connection to C via a call to
new_target on B2. If this fails, due to NO_PERMISSION for example, B should
fall back to try to connect through B2 using the NORMAL mode.".
If the connection (B - B2) is NORMAL, the whole connection is not a
PASSTHROUGH since the client will see the B2"s identity in the SSL session.
Should B throw back the NO_PERMISSION to the client if B get NO_PERMISSION
from B2 for PASSTHROUGH connection? If the answer is no (seems to me that is
what spec says), does this mean that it is possible that the client request
a PASSTHROUGH connection but actually get a NORMAL connection?
Summary: Chapter 5 - Bi-directional GIOP misled me in a number of points, even after
numerous readings and a discussion with an author. I believe the chapter
contains all the pertinent information; it just has to be a bit more
carefully presented.
Summary: The firewall spec defines a number of tag values from OMG managed spaces.
The values of these tags need to be assigned.
Summary: The Minimum CORBA submission describes exactly what should
be present in minimum CORBA (basically CORBA 2.2 including
the POA) in IDL/PIDL.
However, the Java language mapping in CORBA 2.2
does not include the POA -> just the APIs for registering
transient objects.
One cannot even take recourse to CORBA 2.3 to get the
language mapping, since much stuff (OBV, Java to IDL etc.)
was added in the intervening time. There does not seem to be
any existing document which documents a Java language mapping
of CORBA 2.2 including POA without lots of other stuff.
Summary: 5. The ValueHelper interface contains the method get_safe_base_ids, which is
inconsistent with current OBV terminology.
Summary: 2. The current language mapping mixes both generated code with user
written code in the same source file. This poses a very complex "tool"
issue for IDL compilers which is unnecessarily complex.
Summary: The OBV spec orbos/98-01-18 introduces a new repository ID
mechanism. It says in 5.6.2.1
>> We don"t recommand the classic id format "IDL:" <scoped name> ":"
>> <major> "." <minor> because it is not "foolproof" enough. (It is of
>> course allowable to use this format, since the CORE specification
>> does not mandate any particular form.)
The last sentence is not entirely correct, as 8.6.4 of formal/98-02-33
specifies
>> A definition is globally identified by an OMG IDL - format
>> RepositoryId if no ID pragma is encountered for it.
The issue is whether the OBV specification changes this default for
values or not
Summary: The OBV spec introduces the concept of initializers, which maps
cleanly only to languages that support overloaded constructors.
Other languages, such as C, would typically offer functions to provide
inialization of values. Since initializers are not named, an intuitive
mapping is hard to find.
Summary: The definition for interface CodeBase in module SendingContext
has a method
CORBA::InterfaceRepository get_ir();
There is no type CORBA::InterfaceRepository. I believe this was
intended to say
CORBA::Repository get_ir();
Summary: On page 5-44, a new production has been added to the grammar to allow the use of ValueBase to be used as a base type. (<base_type_spec> ::= ... | <value_type_spec). My concern is that all other types of base type specifiers have a PrimitiveKind. However, either you guys forgot or didn"t want to have, that a value or ValueBase does not have a corresponding PrimitiveKind enum value. This becomes essential later on when we want to go into the InterfaceRepository, and find that some type is a ValueBase, we will need to know this. The easiest way to do this could be through a PrimitiveDef, where it"s def_kind attribute is a dk_Primitive, and to satisfy the IDLType interface for they type attribute, we could return a TCKind of tk_value or tk_ValueBase. An alternate could be to not go the PrimitiveDef route and use a different approach. Perhaps we could have a method in the Container or Repository interfaces called create_ValueBase. This would be much like creating an unnamed type such as a sequence, a string, primitive, or array (i.e. get_primitive(), create_string(), etc. in the Repository interface). This is less likely though because create_ValueBase would need to return a type. We could return a ValueDef, but create_ValueBase wouldn"t have enough information passed to it to create on and besides, a ValueDef is named. We could have a whole new definition interface called ValueBaseDef, but this way is a pain if you ask me.
Summary: Section 5.9.7 of orbos/98-01-18 says that the TypeCode parameters for both
tk_value and tk_value_box start with a string which is the type"s
repository ID. Why? For everything except tk_interface, the repository ID
is not visible as a parameter. I believe these parameter lists should not
include repository IDs to make them consistent with the others.
I assume that the
{member_name, TypeCode} pairs in the tk_value parameter
list should appear in the order of declaration of the members in the
valuetype. This is not stated anywhere.
The visibility of each member should be added to the tk_value parameter
list. Each entry in the list should contain
where the short refers to the Visibility of the member.
The parameter list for tk_value should probably have an additional
parameter which is the TypeCode of the concrete valuetype base, if any.
Summary: For boxed values that are structs, unions, or other constructed types with
member accessor and modifier functions, their member functions such as
value(), boxed_in(), boxed_inout(), etc. may potentially clash with the
names of those accessor and modifier functions.
Solution: make the names of such special member functions start with an
underscore, e.g., _value(), _boxed_in().
Summary: The custom marshalling streams CDRInputStream and CDROutputStream
don"t support the IDL fixed type. I propose adding the following
type definition and methods:
typedef sequence<fixed> FixedSeq;
abstract value CDROutputStream
{ ... void write_fixed (in fixed value); void write_fixed_array (in FixedSeq seq, in unsigned long offset, in unsigned long length); };
abstract value CDRInputStream
{ ... fixed read_fixed (); void read_fixed_array (inout FixedSeq seq, in unsigned long offset, in unsigned long length); };
Summary: The OBV spec is not very clear about whether the Java class
generated for an IDL value has a default (no-argument) constructor.
A no-argument constructor is needed so that the Helper class
can construct a value when demarshalling. However, it should be
package-private in order to limit its visbility to the Helper
class and not expose it to client code. This is also true for
state fields declared as private in the IDL value type (which the
spec currently states are mapped to private in Java).
Summary: There"s a problem with the mapping to Java for boxed IDL values
for non-primitive Java types, for example, a boxed string or a
boxed sequence. The currently specified write_Value call doesn"t
allow these to be marshalled correctly.
Summary: The spec does not contain a clear definition of how TypeCodes for
values and value boxes are constructed. There is something about
this in section 5.6.3, but this seems to describe a variant of the
algorithm rather than the algorithm itself. Section 5.9.7 needs to
be expanded to describe this in at least as much detail as the
description of the encoding of recursive sequence TypeCodes in the
current CORBA spec.
Summary: It is not clear from the spec whether or not value boxes can be
forward declared, and used recursively. For example,
value v;
struct s
;
value v s;
If value boxes are indeed syntactic sugar, the answer should be yes.
That brings the next question: Does this mean that one can call
create_box_value_tc(), supplying NULL for the original_type, and
then later on fill in the member typecode via fill_in_recursive_tc,
supplying a ValueMemberSeq of length 1?
Summary: INSTANCE_Clone does not need an in-parameter to specify the instance to be cloned.
Summary: There are no rules governing how to free value factories in C++.
Specifically, the ORB does not know what to do with the value factory at
shutdown, and applications do not know what to do with the factory
returned by register_value_factory. Directly deleting the factories may
be hazardous (e.g. if they are shared across multiple valuetypes or even
multiple ORBs), and leaving them around may introduce memory leaks.
Summary: The OBV design for the "CORBA::tk_value" TypeCode defines a
potentially recursive constructed type that involves ValueMembers.
The "tk_value" TypeCode defines the entire complexity of the types
within the Value.
It is our understanding that when the ORB code that handles "Anys" for
C++ detects a tk_value TypeCode and needs to encode/decode the associated
Value object – (e.g., for Any::replace(TypeCode, void *) – it will
need to invoke a method on that object that understands the object
instance data and the associated state information. Further
examination of the TypeCode complexity will not be necessary by the
Any implementation, since this code would not have knowledge of or
ability to set the state information within the Value object itself.
The reason why the layout of the state information within a value
cannot be known by external code is that virtual inheritance of
abstract values and/or abstract interfaces makes it impossible to
calculate the offsets of the data members in a compiler
independent manner.
Summary: There are no typecodes for abstract interfaces. Does this mean
that abstract interfaces cannot be members of structs, unions,
or values? If so, I think this is a problem and we should add
typecodes for abstract interfaces.
Summary: 1. There are no write_Abstract and read_Abstract methods on
DataInputCtream and DataInputStream. This looks like an oversight
to me.
Summary: Section 5.8.6 gives the BNF for the GIOP encoding of values but does not
describe the semantics behind them. Some of the semantics are referred
to in earlier section and intuitive for an outsider with a little CORBA
experience. Some of the the explicit semantics seem to be missing
altogether (e.g. the "" in <end_tag>). It would be useful if the
descriptions explicitly used the names within the BNF grammar or
explicit specifications for each name in the grammar was given.
Summary: One of the common patterns used in IDL specifications is to pass a
sequence of a data type in order to cut down on network round trips.
The current OBV spec (orbos/98-01-01) even suggests sending a graph of
objects and optimizing for the case where the same object occurs
multiple times in the graph (which I assume will normally be a small
number of the total objects). The spec seems to be inefficient for
sending a large number of small objects though. I have looked at the
errata before and don"t recall any relavent changes but know the RTF are
considering some now.
Summary: The OBV spec allows a value to support multiple interfaces. In C++, such
values
are specified to derive from the POA skeletons generated from those
interfaces.
This presents a potentially intractable problem: skeletons are not designed to
be inherited together with skeletons for other interfaces because servants do
not support multiple interfaces. (The Multiple Interface RFP isn"t finished
yet, right?) The top of page 20-104 of the latest C++ mapping (orbos/98-05-08)
explicitly says
Summary: 2) In addition to the ValueMemberSeq, the input parameters to
fill_in_recursive_sequence_tc include the target TypeCode
pointer, and the RepositoryId.
What is to be done with the RepositoryId parameter ?
Is the method supposed to update the Id as well ?
If that is the case, is it an optional/required parameter ?
Summary: 1) The fill_in_recursive_sequence_tc method is intended to act
upon an existing "tk_value" TypeCode. The signature indicates
that it should return a TypeCode pointer.
What TypeCode is supposed to be returned ?
If the signature is in error, the specification should
be corrected – if not, the specification requires
some additional explanation as to which TypeCode
needs to be returned.
Summary: The OBV spec defines CDROutputStream and CDRInputStream types values for
custom marshaling. The names of these types should not contain "CDR" since
there is nothing that prevents them from being implemented to use a data
representation other than CDR.
Summary: The OBV spec adds the notion of "chunking" because it claims that "it is
anticipated that value types may be rather large, particularly when a graph
is being transmitted. Hence the encoding supports the breaking up of the
serialization into an arbitrary number of "chunks" in order to facilitate
incremental processing." (orbos/98-01-18, page 5-55)
This "feature" should be removed from the spec, since it is the job of the
underlying transport to handle this issue. GIOP already provides
fragmentation, allowing transports to handle large parameters efficiently
– why should we build yet another fragmentation solution on top of it?
Summary: Can the "public" modifier be applied to value operations? What is the default?
In the Java mapping example on page 6-64 the operations are mapped to
public operations of the Java class. However in the C++ mapping example on page
7-95, the operations are mapped to protected pure virtual functions of the generated
C++ class.
Summary: A typo: on page 8-107 of the OBV spec., interface Account should inherit ":" from
Describable and value Currency should support Describable.
Summary: The "in", "out", and "inout" modifiers on value operation parameters are
effectively comments. This is the case as a value maps to a language
pointer or reference. When it is passed in a local interface
there is no way to guarantee "in" or "out" semantics; it is passed by
reference which essentially has "inout" semantics.
These semantics should be explicitly stated.
Summary: It has been pointed out to me that we have no way of narrowing
from abstract interfaces to non-abstract interfaces and value
classes. In Java, the helper"s narrow method has a signature of
org.omg.CORBA.Object, so it cannot take an abstract interface
type. In C++, the generated classes for abstract interfaces
have an _narrow method with the right signature (taking an
AbstractBase_ptr), but generated classes for values and regular
interfaces don"t have such a method. It seems like we would
need to add overloaded narrow methods in all these places to
make this work as envisaged in (for example) numbered paragraph
3 of section 8.3.
Summary: Section 5.3.1.2 says that non-public data members should be mapped
so that "the private part of the state is only accessible to the
implementation code and the marshaling routines."
Section 6.3.1 says that non-public data members are mapped to
private instance variables.
The problem is that the Java marshaling routines are in the Helper
class, which cannot see private instance variables in the value class.
The proposed solution is to modify the Java mapping to map the default
IDL state to the default (package visibility) Java state instead of
private.
Summary: Using the idl defined in Issue # 1352, we have the send() method, in interface Foo, which takes a Base value type as it"s formal parameter. Now supposet we wish to pass a Derived value type. When marshaling the list of repository id"s, the marshaling engine has no notion of the formal type of the parameter , thus it
does not know how many safe repository id"s it needs to marshal.
Summary: In Section 5.9.1 on p. 5-55 of orbos/98-01-18, the spec says "the sending context is responsible for listing the repository ID"s for all the base types to which it is safe to truncate the real
type, going up (the derivation hierarchy) to, and including if appropriate the formal type". Currently, there is no portable way to obtain the list of type safe repository ID"s
from within the marshaling engine in order to be marshaled on-the-wire properly.
Summary: The Objects By Value (OBV) Specification (orbos/98-01-18) introduced
the concept of "keyword identifiers" in an effort to avoid breaking
existing IDL specifications. It specifies that a keyword identifier
is a word that is treated as a keyword only when used in a keyword
context, and is otherwise treated as a regular identifier.
4) Finally, the keyword identifier approach gives the impression that
IDL extensions can be made at no cost, which is simply not true.
Summary: The Objects By Value (OBV) Specification (orbos/98-01-18) introduced
the concept of "keyword identifiers" in an effort to avoid breaking
existing IDL specifications. It specifies that a keyword identifier
is a word that is treated as a keyword only when used in a keyword
context, and is otherwise treated as a regular identifier.
3) It allows IDL specifications that, while not unparseable, are
highly ambiguous, especially to a human reader. For example, Jeff
recently posted answers on how the following is to be parsed, but
there is no way that someone reading the OBV spec would be able to
figure out the rules he gave:
interface public
{ ... };;
value safe
; // Is this legal or an error?
value foo2 : safe safe
; // What about this?
value foo3
;
While all of these constructs can all be parsed using the appropriate
number of look-ahead tokens (by the way, the grammar is not LALR(1)
as the OBV Spec suggests), it is hard to read and even harder to
parse correctly. Many IDL compilers still fail to properly implement
the name lookup rules in the existing CORBA specification, and adding
keyword identifiers will only make that situation much worse.
Summary:
The Objects By Value (OBV) Specification (orbos/98-01-18) introduced
the concept of "keyword identifiers" in an effort to avoid breaking
existing IDL specifications.It allows IDL specifications that are simply unparseable. For example:
interface ValueBase {};
struct S
;
This is ambiguous because the compiler cannot know whether the type
of struct member "v" refers to the ValueBase interface or the
ValueBase keyword identifier.
Summary:
The Objects By Value (OBV) Specification (orbos/98-01-18) introduced
the concept of "keyword identifiers" in an effort to avoid breaking
existing IDL specifications.
1) First and foremost, the addition of keyword identifiers changes
the IDL grammar into a context-sensitive grammar, which are known to
be notoriously difficult to parse.
Summary: Reconcile RMI/IIOP upcall and helper class
Summary: 1) Can the "public" modifier be applied to value operations? What is the default?
Summary: p 5-50, 2nd paragraph of 5.6.2.1: it seems to me that in existing
ORBs, version inconsistencies between, eg, structs, may already corrupt
memory. The difference now is that preservation of values sharing
could make matters worse. It would be great to have this issue better
explained.
Summary: typo p 5-50, first paragraph of 5.6.2.1: *s*IDL compilerS keep on spitting...
Summary: Suggested changes (to section 5.4.1 of orbos/98-01-18) are:
1. Remove the ``;"" from the end of the definition of <value>. (It"s
in the modified <definition>.)
2. Remove [ <supports_token> <scoped_name>
{ ``,"" <scoped_name> }* ]
from the <value_inheritance_spec> non-terminal move it to a new
non-terminal, <value_supports_spec>.
3. Change the definitions of <value_abs_dcl> and <value_header>,
replacing [ <value_inheritance_spec> ] by [ <value_inheritance
_spec ] [ <value_supports_spec> ].
Summary: p 5-24, first paragraph of 5.3.1.3:
The implementation of operations may be remote if the value also
supports CORBA.Object.
typo p 5-30, last line of 5.3.2.6: may BE defined
Summary: A typo: on page 8-107, interface Account should inherit ":" from Describable and
value Currency should support Describable.
Summary: Given:
abstract interface A {};
interface B : A {};
value C : supports B {};
Can an instance of C be passed by value to an operation that expects an A?
Summary: What is the rationale for making ValueBase a value and not a native type?
It seems strange to me that a ValueBase "value" maps to java.io.serializable
in Java. Isn"t that what native was invented for?
Summary: Semantic of register_value_factory is not clear
What do applications should expect if a factory is already
registered for a given repositoryId?
The operation returns the previous factory. But it is not
clear whether it is overriden or not.
Summary: In the Java mapping example on page 6-64 the operations are mapped to
public operations of the Java class. However in the C++ mapping example on page
7-95, the operations are mapped to protected pure virtual functions of the
generated C++ class.
Summary: According to the object-by-value C++ mapping, the value type that is
not boxed results in an abstract C++ class. Basically, the reference
counting methods are not provided (abstract). It is the responsibility of
application developer to define/implement a concrete class. Althought
this can be done, there are some issues:
Summary: The default ref-counting classes are said to be "fully concrete".
Is this really necessary?
What is the semantic of "_copy_value" for the ref-counting class?
=> suggest that "_copy_value" MUST NOT be implemented
(It is implemented by "_copy_value" of the real value type)
Summary: - What is the return type of "_add_ref" and "_remove_ref"
(defaults to "int", but what is the semantic of the result value)
=> propose to change to "void"
Summary: I have an important issue concerning the C++ mapping and the fact
that application developers need to define/implement the concrete
value class.
Summary: Clarify the exact semantics of computing the hash code and comparison semantics for type equivlanece. (lost email, paraphrase of issue)
Summary: Section 5.6.3 Hashing Algorithm (and 5.6.2)
long long hash = sha[1] << 32 + sha[0]
Summary: 2) How does one find out a RepositoryID for registering a factory or a streaming
policy?
Summary: Why is the 64 bit hash code at the end of the string and
not at the beginning ? This can speed up the comparison
when two repository Ids are different.
Summary: It is not clear whether the #pragma prefix is still part
of the repository Id. I think it should be.
Summary: Clarify the hash code algorithm
Summary: TypeCodes:
Summary: Missing member_kind and member_tc
Summary: Also, the OBV spec defines a describe_value() operation in interface ValueDef
which returns a FullValueDescription structure. Is there supposed to be another
operation which returns the shorter ValueDescription structure?
Summary: If a value type can inherit from a Boxed Value then what is the implicit name of
the Value Box"s single data member?
Summary: p.6.68: It is a bit awkward that boxed values of "complex" types map
all to the same type (i.e., as for typedefs, the value"s name appears
only in holder/helper classes), and that each boxed value of "basic" type
maps to its individual class. Instead, boxed values of basic types
could map to the corresponding java.lang.* class, e.g.
java.lang.Integer, java.lang.Short, etc. An issue with this approach
is that java.lang.Short and java.lang.Byte are not defined in JDK
1.0.2. I doubt however this JDK is still much in use; for its users,
short and octet could optionally map to e.g. CORBA.ShortValue and
CORBA.ByteValue (inspired from CORBA::StringValue).
Summary: 5.3.3: Is it possible to have a value inherit from (ie, support) a
boxed value ? If yes, the Java mapping of boxed values of type
string, sequence and arrays should be changed because String
and arrays can"t be extended in Java.
Summary: Section 5.4.2 "New lexical type - Keyword Identifier" the statement is made that
"new keyword identifiers should only be added such that the resulting grammar is
still easily parsable, e.g. is LALR(1).". It seems to me that is not true even for
the newly introduced keyword identifiers in many cases.
Summary: Can a Value type inherit from a Value Box type (the Value Box is described
as been syntactic sugar for a Value type)?
Summary: Above rules seem to imply that the
"safe" keyword identifier can only occur before the first scoped name in the
<value_parent_spec>, whereas I think the actual intent is that it can only
occur before a non-abstract value type, of which there is at most one in the
list, although it need not be the first. Since this can"t be expressed in the
rules exactly, I would simply amend the rule to be:
<value_parent_spec> ::= ":" [ <safe_token> ] <scoped_name>
{ "," [ <safe_token> ] <scoped_name> }
*
and simply express the semantic restriction in the text. There already is a
brief mention of the semantics of the "safe" keyword in section 5.3.2.5
"Substitutability Issues". Perhaps another sentence or two would help clarify
the intended usage.
Summary: The OBV spec (orbos/98-01-18) does not specify which TypeCode operations apply
to Value and ValueBox types. For example, are id(), name(), member_name(),
member_count(), member_type(), etc. valid for Value and ValueBox or should they
raise BadKind exception?
I don"t see why they should not be valid. Normative text should be added in
CORBA 2.2 section 8.7.1 TypeCode Interface to reflect this and the comments in
the IDL should also be updated.
Summary: 2) Attribute "name" in interface ValueMemberDef clashes with attribute "name"
inherited from Contained. A different name should be used, something like
"value_member_name"
Summary: 1) ValueDefSeq is used in a couple of places but is never defined. A typedef
for it is missing.
Summary: 1) Can a Value type inherit from a Value Box type (the Value Box is
described as been syntactic sugar for a Value type)? If so, what is the
implicit name of the Value Box"s single data member?
Summary: If number of dimensions of an input SAFEARRAY does not match the mapped CORBA type, the Automation View should generate the HRESULT DISP_E_TYPEMISMATCH
Summary: There should be straight dispatch versions of DCORBAObject and DORBObject
Summary: Second to last paragraph of the section contains the term "CORBA proxy" which should be changed to Automation View Interface.
Summary: The "retval" attribute should be removed from the second argument in both methods. MIDL does not have a retval attribute
Summary: When translating a BSTR to a CORBA bounded string, boundary violations should cause the View to propagate DISP_E_OVERFLOW
Summary: "..maximum value of an Automation short" should read "..maximum value of a CORBA::UShort
Summary: Page 2-30, top of page, end of section 2.7.1: There is a label "Examples:" but no example follows
Summary: There should be a standard name for the Automation View interface.
Summary: ODL which shows an extra, optional parameter for exception information on property-get or property-set method is erroneous, since MKTYPLIB doesn"t allow extra parameter on property accessor
Summary: I suggest that the automation chapter be changed to align with the architecture chapter
Summary: The uuid for DForeignException has an extra 0. It should be E977F907-3B75-11cf-BBFC-444553540000
Summary: The return value type should be DICORBATypeCode*, not IDispatch. The return value of member_label should be a DICORBAAny* rather than VARIANT
Summary: Enum CORBATCKind omits the boolean kind (p.4-123, section 4.1.12) I recommend adding it to the end of list to preserve backward compatibility. Also missing tk_char.
Summary: This property should be removed because the INSTANCE_repositoryId property in IForeignComplexType provides this functionality
Summary: Section 4.1.12: DICORBAtypeCode::kind has one parameter of type TCKind. It should be of type CORBATCKind
Summary: There should be a standard ProgramId for the class which exposes D(I)CORBAAny
Summary: When mapping bounded sequences, should the Automation View accept as an in-parameter a Safearray whose upper bound is less than the maximum lenght of the mapped sequence?
Summary: The VB cannt handle array out-parameters. Must use in-outs.
Summary: The enum should be named CORBA_CompletionStatus instead of CORBA_ExceptionType
The spec described that the exception AdapterInactive is not in the POA interface when using minimum corba. This exception has been removed from the normal spec, and POA is a local interface now
In the text of this document the policies are described and what minimum corba supports. In the text for example it says for ThreadPolicy only ORB_CTRL_MODEL is supported, SINGLE_THREAD_MODEL not. Why is the enum ThreadPolicyValue completely zapped from IDL, why not just define this enum with one member. Makes it possible to check for this enum, according to the spec the enum should be completely zapped.
The LwCCM removes the usage of cidl from CCM, but this looses also the fixed name of the base class of the executor. The spec should define how the base class of an executor is generated by the framework, so that the implementor of the executor can write a portable executor
In section 10.3.1.2 the typedef CCMObjectSeq is listed, we propose to move it to Section 6.11.1 just after the definition of CCMObject
The CCM spec describes the event mechanism default part of CCM. We want to propose to change this event machine to a connector based model as part of the DDS4CCM specification. Then there would be an event connector and the container then is much more light weight and easier to use. People that don't want to use CORBA event machinisms don't pull in all the dependent code
The IDL file 07-02-01 related to CCM is lacking ResourceCommitmentManager
HomeConfiguration::set_configuration_values documentation should mention which exception to thrown when an any/name value pair has a not supported name or when the any can't be extracted
The IDL file 07-02-01 related to CCM we have the following exceptions
exception LastConfiguration {
};
exception InvalidReference {
};
LastCOnfiguration is not listed at all in 06-04-01 and 06-04-02
InvalidReference is listed in 06-04-02 in text and diagrams, but not in idl at all
The spec mentions InvalidConfiguration as exception but there is no idl in this spec that describes this exception and its members
We would like to add a request to add the following IDL type. Just add a sequence of CCMHome typedef sequence<CCMHome> CCMHomes;
The D&C IDL part doesn't match 06-04-02. For example TargetManager is not correctly in 06-04-01 and has its errors in 06-04-02
The NVList has a count, which is defined as long, it would be better to make this an unsigned long. This has impact on ORB::create_list, change the type of argumetn count to unsigned long. Also update NVList::get_count to have an unsigned long argument.
In the Interceptor interface there is a destroy method which can throw a system exception just like all other corba calls. What is the behaviour when the orb shutdown is done and an Interceptor::destroy() call throws an exception? Should the ORB ignore this exception and continue the shutdown or should it return the exception to the caller. I would except ignore the exception and continue but the spec doesn't describe the behaviour.
The tags for unreliable multicast are missing. // The following are defined in 03-01-11 const ProfileId TAG_UIPMC = 3; const ComponentId TAG_GROUP = 39; const ComponentId TAG_GROUP_IIOP = 40;
The minor code for add_reply_service_context is not correct. The spec says: Indicates the behavior of this operation when a service context already exists with the given ID. If false, then BAD_INV_ORDER with a standard minor code of 11 is raised. If true, then the existing service context is replaced by the new one. The minor code should be 15.
This corba spec describes POAManagerFactory. I have been searching on the web and it seems for example Orbacus has the possibility to do a resolve_initial_references ("POAManager"). This seems not possible with the latest corba spec. This seems an usefull extension. The only option there is now is to get the RootPOA, get from there the POAManagerFactory and use that again.
For activate_object_with_id it is described that when SYSTEM_ID has been set and the object id was not generated by this system or tis POA we throw a BAD_PARAM, but the minor code is not described. Shouldn't this have an unique minor code?
The following methods are not described in this chapter: Object make_object (in string repository_id, in ObjectId id); IOP::TaggedProfileSeq make_profiles (in string repository_id, in ObjectId id); These are mentioned in 21.10.3
In the C++ example code of 22.11.3 Messaging::ExceptionHolder_ptr is used, for valuetypes there is no _ptr, the could should read Messaging::ExceptionHolder *
There are some issues with the definition of ExceptionHolder. In 22.16 it is as below, see the raise_exception_with_list, this seems to have two arguments here, in 22.7 there is just one argument. The same problem also appears in the draft 3.1 spec. Also, there is no CORBA::ExceptionList defined in the spec at all, there is Dynamic::ExceptionList but no CORBA::ExceptionList. valuetype ExceptionHolder { void raise_exception() raises (UserExceptionBase); void raise_exception_with_list( in CORBA::ExceptionList exc_list) in Dynamic::ExceptionList exc_list) raises (UserExceptionBase); private boolean is_system_exception; private boolean byte_order;
The CORBA spec describes the following about the wait_for_completion parameter of the POA::destroy call: The wait_for_completion parameter is handled as follows: If wait_for_completion is TRUE and the current thread is not in an invocation context dispatched from some POA belonging to the same ORB as this POA, the destroy operation returns only after all active requests have completed and all invocations of etherealize have completed. If wait_for_completion is TRUE and the current thread is in an invocation context dispatched from some POA belonging to the same ORB as this POA, the BAD_INV_ORDER system exception with standard minor code 3 is raised and POA destruction does not occur. We have a use case where we have an ORB with two POA's, A1 and B1, each POA again has a child A2 and B2. In case we get a request for a servant of A2 to destroy POA B2 and we specify TRUE for wait_for_completion then we get an exception back, but this doesn't seem locally. We understand that when we want to destroy A1 when handling a request using a servant of A2 that we get an exception at that moment. We propose the change the description as following: The wait_for_completion parameter is handled as follows: If wait_for_completion is TRUE and the current thread is not in an invocation context dispatched from some POA that is a child of this POA or from this POA itself, the destroy operation returns only after all active requests have completed and all invocations of etherealize have completed. If wait_for_completion is TRUE and the current thread is in an invocation context dispatched from some POA that is a child of this POA or from the POA itself, the BAD_INV_ORDER system exception with standard minor code 3 is raised and POA destruction does not occur.
In case get_slot is called from withing an ORB itializer chapter 21.4.3.1 says a BAD_INV_ORDER with minor code 10 is thrown, this should be 14 as mentioned also in 21.7.2.11
The draft document says the following in 21.9.1. The description about the type of exceptions sounds very vague. Shouldn't the spec be more detailed, which type of exceptions should be ignored specifically? Any exceptional return from the invocation of any operation of the ORBInitializer interface other than those resulting from the failure to instantiate a portable interceptor object shall result in the abandonment of the ORB initialization and destruction of the ORB. Any ORBInitializer implementation that needs the ORB to ignore any thrown exceptions can simply catch and discard them itself.
In the draft 3.1 spec chapter 21.7 says the following: An Interceptor's behaviour may itself be modified by one or more Interceptor Policies. These Policy objects are created using a call to ORB::create_policy and are associated with an Interceptor during registration (see Section 21.7.2, ORBInitInfo Interface). All Policy interfaces defined in this section are local. The ORB can be accesed via the implicit get_orb operation of ORBInitInfo. The ORBInitInfo is passed on the pre_init and post_init call of the ORBInitializer but what should be the orb in the pre_init call? The orb is not initialized at that moment? Shouldn't it say that calling get_orb on the ORBInitInfo in t