For my last session — I have to leave for the airport around the time that the roundtables start — I sat in on Pat Cappelaere of Vightel discussing workflows, Identity 2.0 and delegated authority using REST.
He showed how lightweight protocols like ATOM — rather than SOAP — can be used to allow the quick mashup of information in near real time. He spent quite a bit of time on the advantages of a RESTful approach (summary: it’s easier), and the nature of the basic commands (post, get, put, delete) for managing web-based resources.
Where identity comes into all this is that some resources that might contribute to a mashup could be behind some type of access control, and the source system can’t manage the identities of all of the people who might want to access the end product. Identity 2.0 allows for the delegation of authentication to a trusted provider, i.e., using your OpenID (from Yahoo or other providers) on other sites instead of creating a user account on that site directly. That looks after basic authentication, but there also needs to be some authorization or pre-approval of transactions, which is what OAuth has been created for.
He’s using the term workflow to mean (I believe) the steps to assemble and process various resources and services into a web application: a service orchestration of various resources on the web using lightweight protocols. To implement this, they’ve created a RESTful version of the workflow bindings defined by WfMC as WfXML.
This was interesting, but I’m not at all clear what it was doing at this conference.