There are several things that are intriguing about Brian Huff
. He is probably one of the more transparent ECM folks in the blogosphere and publicly admits when things are wrong and doesn't simply use his blog as a one-way press release. I have the utmost respect for him and his thoughts on Bad WSDLs in the ECM Industry
If only our favorite ECM bloggers from Filenet, Nuxeo, Documentum
and Alfresco could be as transparent. Anyway, I figured I would comment on his most thoughtful post:
I feel this is probably because most Enterprise Content Management vendors are still pretty green when it comes to the value of web services, and service-oriented architectures (SOA).
I agree that they are green but what allows them to be so lame? Many of them are employed by software houses that have the talent in-house to do it right. Don't the ECM folks ever bump into the security and SOA folks in the cafeteria or outhouse? Is there any sense of embarassment on being that far behind the times?
And, as I said earlier, custom security integrations are fairly simple... so "deferring authorization" is possible in a number of ways.
While I am a fan of the ability for customers to easily customize, what would it take for Oracle to simply put it in the box? Oracle is a thought leader on XACML and has extended the concept by introducing CARML and AARML (Virtual Directory team). Likewise, the inventors of SPML also work for Oracle (Thor acquisition). Its even better that folks such as Prateek Mishra who was early on SAML also works for Oracle. This should not be a customer driven integration but an afternoon coding party amongst Oracle employees. I would think that making your products deeper integrated would appeal to at least lots of folks internally?
but that limitation is mainly due to the fact that Stellent was several orders of magnitude smaller than the competition, and thus comprehensive developer documentation was a lower priority...
I have a problem with this statement as this somehow implies that larger guys actually have better documentation which probably isn't true. Although large vendors have the potential
of doing better, most spend their money on sales folks whose sole purpose in life is to ensure that my inbox always over its quota.
However, its a genuine web service, and not a lame wrapper around an existing fine-grained API... which I believe is what James was complaining about.
Ring the bell. This is one of the most fugly things an ECM vendor can do. I hope that the marketplace will start calling out abortion-oriented architectures that use this approach.