Feeds

Nerves jarred by Apache's Synapse

When is an ESB, not an ESB?

SANS - Survey on application security programs

Apache Software Foundation (ASF) supporters are downplaying concern about the impact of commercial interests on ASF's direction, as the group fires up its latest project.

David Chappell, vice president and chief technology evangelist for Sonic Software and participant in the proposed Synapse Project, said while it was possible a single vendor could "stack the deck" with code committers on a given project, it is the community who shapes and delivers the final results.

Sonic is one of five companies participating in Synapse, announced earlier this week. Synapse had been described as a web services broker/enterprise service bus (ESB) but it is now billed as a "web services mediation framework".

Chappell told The Register Synapse would define a set of technologies that could be used across ESBs in addition to web services managers and web services brokers.

Initial Synapse committers are ESB and integration specialists Iona and Sonic, web services management vendors Infravio and Blue Titan, and middleware start-up WS02. Initial code for Synapse will be donated by Infravio.

It's not unusual for vendors to participate in community projects or standards work in areas where they have product experience. Concern has surfaced with Synapse, though, because this is an open source effort that appears to duplicate existing community ESB work.

The ObjectWeb Consortium announced plans to federate related ESB and service oriented architecture (SOA) projects in June 2004. Since then, the group has attracted 11 projects from 10 commercial and government organizations including Synapse backer Iona. Sonic also met ObjectWeb at the group's ESB kick-off event in Paris.

ObjectWeb said it is concerned that vendors are playing one open source community off against another to serve their own "marketing agendas". ObjectWeb representative Francois Letellier warned this dilation of work could increase wariness of open source in the industry. "ObjectWeb started an ESB initiative over one year ago. We feel it would be in the best interest of everyone to use it to federate ESB and SOA related projects," Letellier said.

Jean-Pierre Laisne, ObjectWeb chairman, added in a statement: "It would be a shame [if the] good will of open source developers turns out to be a new way to facilitate lock in."

Apache director Jim Jagielski, writing in an e-mail exchange, said Apache has a "long and valued history " of encouraging both commercial non-commercial involvement in projects. "That does not mean that the ASF is, in any way, relinquishing "control" or oversight or ownership of the project to any other entity," Jagielski said. He also called it "misleading rhetoric" to suggest one company was leading Synapse.

Apache thrives on the concept of "meritocracy" where individuals earn the right to contribute code to projects. Letellier warned, though, the resources commercial companies can bring to bear, in terms of employee hours and code contributions, could "compromise the ASF as a meritocracy". "Commercial backing might kill the golden goose," Letellier said.

Chappell conceded a single company could flood a given project with its own supporters, who become code committers, but said he'd not witnessed any evidence of that in Synapse. "There's nothing preventing a company from stacking the deck, so to speak. So far, I haven't seen that happening in the Synapse project," Chappell said.

He also supported the initial donation of web services management vendor Infravio's code to the project. "To have an incubation project you have to have a code base to donate that... that's no reflection of what the final Synapse will look like, that's to get us through the incubation phase," Chappell said.

Chappell added that Synapse members are in close contact with ObjectWeb and planned to work with them. "They will be joining Synapse. It's a goal we have to not duplicate effort, we want to share work where possible. Celtix [ObjectWeb's open source Java ESB led by Iona] may use parts of Synapse and Synapse may use parts of Celtix. It's up to the open source community," he said.®

3 Big data security analytics techniques

More from The Register

next story
OpenBSD founder wants to bin buggy OpenSSL library, launches fork
One Heartbleed vuln was too many for Theo de Raadt
Got Windows 8.1 Update yet? Get ready for YET ANOTHER ONE – rumor
Leaker claims big release due this fall as Microsoft herds us into the CLOUD
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Ubuntu 14.04 LTS: Great changes, but sssh don't mention the...
Why HELLO Amazon! You weren't here last time
Patch iOS, OS X now: PDFs, JPEGs, URLs, web pages can pwn your kit
Plus: iThings and desktops at risk of NEW SSL attack flaw
Next Windows obsolescence panic is 450 days from … NOW!
The clock is ticking louder for Windows Server 2003 R2 users
Batten down the hatches, Ubuntu 14.04 LTS due in TWO DAYS
Admins dab straining server brows in advance of Trusty Tahr's long-term support landing
Red Hat to ship RHEL 7 release candidate with a taste of container tech
Grab 'near-final' version of next Enterprise Linux next week
Apple inaugurates free OS X beta program for world+dog
Prerelease software now open to anyone, not just developers – as long as you keep quiet
prev story

Whitepapers

Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.