Web Services Choreography Description Language Version 1.0

1.1 Notational Conventions

The keywords "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC-2119 [RFC2119].

The following namespace prefixes are used throughout this document:

This specification uses an informal syntax to describe the XML grammar of a WS-CDL document:

• The syntax appears as an XML instance, but the values indicate the data types instead of values.

• Characters are appended to elements and attributes as follows: "?" (0 or 1), "*" (0 or more), "+" (1 or more).

• Elements names ending in ". . ." (such as "<element. . ./>" or "<element. . .>") indicate that elements/attributes irrelevant to the context are being omitted.

• Grammar in bold has not been introduced earlier in the document, or is of particular interest in an example.

• "<-- extensibility element -->" is a placeholder for elements from some "other" namespace (like ##other in XSD).

• The XML namespace prefixes (defined above) are used to indicate the namespace of the element being defined.

• Examples starting with "<?xml" contain enough information to conform to this specification; other examples are fragments and require additional information to be specified in order to conform.

An XSD is provided as a formal definition of WS-CDL grammar (see Section 11).

Where there is any discrepancy between the text of this specification, the fragments of informal schema and the full formal schema in the appendix then it is an error in the specification. Should such an error come to light please notify W3C. While awaiting resolution, the text takes priority over the formal schema in the appendix, which takes priority over the informal schema fragments.

1.2 Purpose of WS-CDL

Business or other activities that involve different organizations or independent processes are engaged in a collaborative fashion to achieve a common business goal, such as Order Fulfillment.

For the collaboration to work successfully, the rules of engagement between all the interacting participants must be provided. Whereas today these rules are frequently written in English, a standardized way for precisely defining these interactions, leaving unambiguous documentation of the participants and responsibilities of each, is missing.

The WS-CDL specification is aimed at being able to precisely describe collaborations between any type of participant regardless of the supporting platform or programming model used by the implementation of the hosting environment.

Using the WS-CDL specification, a contract containing a "global" definition of the common ordering conditions and constraints under which messages are exchanged, is produced that describes, from a global viewpoint, the common and complementary observable behavior of all the participants involved. Each participant can then use the global definition to build and test solutions that conform to it. The global specification is in turn realized by combination of the resulting local systems, on the basis of appropriate infrastructure support.

The advantage of a contract based on a global viewpoint as opposed to any one endpoint is that it separates the overall "global" process being followed by an individual business or system within a "domain of control" (an endpoint) from the definition of the sequences in which each business or system exchanges information with others. This means that, as long as the "observable" sequences do not change, the rules and logic followed within a domain of control (endpoint) can change at will and interoperability is therefore guaranteed.

In real-world scenarios, corporate entities are often unwilling to delegate control of their business processes to their integration partners. Choreography offers a means by which the rules of participation within a collaboration can be clearly defined and agreed to, jointly. Each entity may then implement its portion of the choreography as determined by the common or global view. It is the intent of WS-CDL that the conformance of each implementation to the common view expressed therein is easy to determine.

The figure below demonstrates a possible usage of WS-CDL.

In Figure 1, Company A and Company B wish to integrate their Web Services based applications. The respective business analysts at both companies agree upon the services involved in the collaboration, their interactions, and their common ordering and constraint rules under which the interactions occur. They then generate a WS-CDL based representation. In this example, a choreography specifies the interactions between services across business entities ensuring interoperability, while leaving actual implementation decisions in the hands of each individual company:

• Company "A" relies on a WS-BPEL [WSBPEL] solution to implement its own part of the choreography

• Company "B", having greater legacy driven integration needs, relies on a J2EE [J2EE] solution incorporating Java and Enterprise Java Bean Components or a .NET [C#S] solution incorporating C# to implement its own part of the choreography

Similarly, a choreography can specify the interoperability and interactions between services within one business entity.

1.3 Goals

The primary goal of the WS-CDL specification is to specify a declarative, XML based language that defines from a global viewpoint the common and complementary observable behavior specifically, the information exchanges that occur and the jointly agreed ordering rules that need to be satisfied.

More specifically, the goals of the WS-CDL specification are to permit:

• Reusability. The same choreography definition is usable by different participants operating in different contexts (industry, locale, etc.) with different software (e.g. application software)

• Cooperation. Choreographies define the sequence of exchanging messages between two (or more) independent participants or processes by describing how they should cooperate

• Multi-Party Collaboration. Choreographies can be defined involving any number of participants or processes

• Semantics. Choreographies can include human-readable documentation and semantics for all the components in the choreography

• Composability. Existing choreographies can be combined to form new choreographies that may be reused in different contexts

• Modularity. Choreographies can be defined using an "inclusion" facility that allows a choreography to be created from parts contained in several different choreographies

• Information Driven Collaboration. Choreographies describe how participants make progress within a collaboration, through the recording of exchanged information and changes to observable information that cause ordering constraints to be fulfilled and progress to be made

• Information Alignment. Choreographies allow the participants that take part in choreographies to communicate and synchronize their observable information

• Exception Handling. Choreographies can define how exceptional or unusual conditions that occur while the choreography is performed are handled

• Transactionality. The processes or participants that take part in a choreography can work in a "transactional" way with the ability to coordinate the outcome of the long-lived collaborations, which include multiple participants, each with their own, non-observable business rules and goals

• Specification Composability. This specification is intended to work alongside and/or complement other specifications such as the WS-Reliability [WSRM], WS-Composite Application Framework (WS-CAF) [WSCAF], WS-Security [WSS], Business Process Execution Language for WS (WS-BPEL) [WSBPEL], ebXML Business Process Specification Schema [ebBP20], [BPSS11], etc.

1.4 Relationship with XML and WSDL

The WS-CDL specification depends on the following specifications: XML 1.0 [XML], XML-Namespaces [XMLNS], XML-Schema 1.0 [XMLSchemaP1], [XMLSchemaP2] and XPath 1.0 [XPTRF]. Support for including and referencing service definitions given in WSDL 2.0 [WSDL20] is a normative part of the WS-CDL specification. In addition, support for including and referencing service definitions given in WSDL 1.1 as constrained by WS-I Basic Profile [BP11] is a normative part of the WS-CDL specification.

1.5 Relationship with Business Process Languages

WS-CDL is not an "executable business process description language" or an implementation language. The role of specifying the execution logic of an application will be covered by these [XLANG], [WSFL], [WSBPEL], [BPML], [XPDL], [JLS], [C#S] and other specifications.

WS-CDL does not depend on a specific business process implementation language. Thus, it can be used to specify truly interoperable, collaborations between any type of participant regardless of the supporting platform or programming model used by the implementation of the hosting environment. WS-CDL may couple with other languages such as those that add further computable semantic definitions.

Each participant, adhering to a WS-CDL collaboration representation, could be implemented using completely different mechanisms such as:

• Applications, whose implementation is based on executable business process languages [XLANG], [WSFL], [WSBPEL], [BPML], [XPDL]

• Applications, whose implementation is based on general purpose programming languages [JLS], [C#S]

• Or human controlled software agents

1.6 Time Assumptions

Clock synchronization is unspecified in the WS-CDL technical specification and is considered design-specific. In specific environments between involved participants, it can be assumed that all participants are reasonably well synchronized on second time boundaries. However, finer grained time synchronization within or across participants, or additional support or control are undefined and outside the scope of the WS-CDL specification.

1.7 Authoritative Schema

In the event of any ambiguity or differentiation between the WS-CDL fragments and the appendix with the full schema, the full schema takes precedence.

3.1 Choreography Package

A choreography package aggregates a set of WS-CDL type definitions, provides a namespace for the definitions and through the use of XInclude [XInclude], MAY syntactically include WS-CDL type definitions that are defined in other choreography packages.

The syntax of the package construct is:

<package  
   name="NCName" 
   author="xsd:string"?
   version="xsd:string"?
   targetNamespace="uri"
   xmlns="http://www.w3.org/2005/10/cdl">

   <informationType/>*
   <token/>*
   <tokenLocator/>*
   <roleType/>*
   <relationshipType/>*
   <participantType/>*
   <channelType/>*

   Choreography-Notation*
</package>

The choreography package contains the following WS-CDL type definitions:

• Zero or more informationTypes

• Zero or more tokens and token locators

• Zero or more roleTypes

• Zero or more relationshipTypes

• Zero or more participantTypes

• Zero or more channelTypes

• Zero or more package-level choreographies

The top-level attributes name , author , and version define authoring properties of the choreography document.

The targetNamespace attribute provides the namespace associated with all WS-CDL type definitions contained in this choreography package. WS-CDL type definitions included in this package, using the inclusion mechanism, MAY be associated with other namespaces.

The elements informationType , token , tokenLocator , roleType , relationshipType , participantType and channelType MAY be used as elements by all the choreographies defined within this choreography package.

3.2 Including WS-CDL Type Definitions

WS-CDL type definitions or fragments of WS-CDL type definitions can be syntactically reused in any WS-CDL type definition by using XInclude [XInclude]. The assembly of large WS-CDL type definitions from multiple smaller, well-formed WS-CDL type definitions or WS-CDL type definitions fragments is enabled using this mechanism.

Inclusion of fragments of other WS-CDL type definitions should be done carefully in order to avoid duplicate definitions (variables, blocks, etc.). A WS-CDL processor MUST ensure that the document is a conforming WS-CDL document [Conforming Document]. It MAY verify that the document conforms to the provided schema [WS-CDL Schema].

The example below shows some possible syntactic reuses of WS-CDL type definitions.

<choreography name="newChoreography" root="true">
...
   <variable name="newVariable" informationType="someType"
             roleType="randomRoleType"/>
   <xi:include href="genericVariableDefinitions.xml"/>
   <xi:include href="otherChoreography.xml"
               xpointer="xpointer(//choreography/variable[1])"/>
... 
</choreography>

3.3 WS-CDL document Naming and Linking

WS-CDL documents MUST be assigned a name attribute of type NCNAME that serves as a lightweight form of documentation.

The targetNamespace attribute of type URI MUST be specified.

The URI MUST NOT be a relative URI.

A reference to a definition MUST be made using a "QName".

Each WS-CDL type definition has its own name scope.

Names within a name scope MUST be unique within the WS-CDL document.

The resolution of a "QName" in WS-CDL is similar to the resolution of a "QName" as described by the XML Schemas specification [XMLSchemaP1].

3.4 Language Extensibility

To support extending the WS-CDL language, this specification allows the use of extensibility elements and/or attributes defined in other XML namespaces inside any WS-CDL language element.

Extensibility elements and/or attributes MUST use an XML namespace different from that of WS-CDL.

All extension namespaces used in a WS-CDL document MUST be declared.

Extensions MUST NOT contradict the semantics of any element or attribute from the WS-CDL namespace.

3.5 Semantics

Within a WS-CDL document, descriptions may reference semantic definitions and other documentation. Zero or more description sub-elements are allowed inside any WS-CDL language element. Descriptions MAY be text or document references defined in multiple different human readable languages. Where machine processable, WS-CDL parsers are not required to parse the contents of the description sub-element.

The information provided by the description sub-element will reference the descriptions in any or all of the following areas:

• Text. Plain text, HTML or other non-encoded text formats may apply (e.g. text/plain, text/html, text/sgml, text/xml, etc.).

• Document Reference. This MAY contain a URI to a document that more fully describes the component.

• Machine Oriented Semantic Descriptions. This MAY contain machine processable definitions in languages such as RDF [RDF] or OWL [OWL]. This description MAY contain a URI.

The semantics of any element or attribute from the WS-CDL namespace SHOULD remain unchanged and MUST NOT be contradicted.

4.1 RoleType

A roleType enumerates potential observable behavior a participant can exhibit in order to interact. For example, the "Buyer" roleType is associated with the purchasing of goods or services and the "Supplier" roleType is associated with providing those goods or services for a fee.

The syntax of the roleType construct is:

<roleType name="QName">
   <behavior name="NCName" interface="QName"? />+
</roleType>

The attribute name is used to specify a distinct name for each roleType element declared within a choreography package.

Within the roleType element, a behavior element specifies a subset of the observable behavior a participant exhibits. A roleType MUST contain one or more behavior elements. The attribute name within the behavior element is used to specify a distinct name for each behavior element declared within a roleType element.

The behavior element defines an OPTIONAL interface attribute, which identifies a WSDL interface type. A behavior without an interface describes a roleType that is not required to support a specific Web Service interface.

4.2 RelationshipType

A relationshipType identifies the roleTypes and behaviors, where mutual commitments MUST be made for collaborations to be successful. For example, the relationshipTypes between a "Buyer" and a "Seller" could include:

• A "Purchasing" relationshipType, for the initial procurement of goods or services, and

• A "Customer Management" relationshipType to allow the "Supplier" to provide service and support after the goods have been purchased or the service provided

Although relationshipTypes are always between two roleTypes, choreographies involving more than two roleTypes are possible. For example, if the purchase of goods involved a third-party "Shipper" contracted by the "Supplier" to deliver the "Supplier's" goods, then, in addition to the "Purchasing" and "Customer Management" relationshipTypes described above, the following relationshipTypes might exist:

• A "Logistics Provider" relationshipType between the "Supplier" and the "Shipper", and

• A "Goods Delivery" relationshipType between the "Buyer" and the "Shipper"

The syntax of the relationshipType construct is:

<relationshipType name="NCName">
   <roleType typeRef="QName" behavior="list of NCName"? />
   <roleType typeRef="QName" behavior="list of NCName"? />
</relationshipType>

The attribute name is used to specify a distinct name for each relationshipType element declared within a choreography package.

A relationshipType element MUST have exactly two roleTypes defined. Each roleType is specified by the typeRef attribute within the roleType element. The "QName" value of the typeRef attribute of the roleType element MUST reference the name of a roleType.

Within each roleType element, the OPTIONAL attribute behavior identifies the commitment of a participant as an XML-Schema list of behavior types belonging to this roleType. If the behavior attribute is missing then all the behaviors belonging to this roleType are identified as the commitment of a participant. If the behavior attribute is present then the behaviors listed MUST be a proper subset of those belonging to this roleType.

4.3 ParticipantType

A participantType groups together those parts of the observable behavior that MUST be implemented by a participant . A logical entity or organization MAY be represented by more than one participantType within a choreography.

The syntax of the participantType construct is:

<participantType name="QName">
   <roleType typeRef="QName" />+
</participantType>

The attribute name is used to specify a distinct name for each participantType element declared within a choreography package.

Within the participantType element, one or more roleType elements identify the roleTypes that MUST be implemented by this participantType. Each roleType is specified by the typeRef attribute of the roleType element. The "QName" value of the typeRef attribute of the roleType element MUST reference the name of a roleType. A specific roleType MUST NOT be specified in more than one participantType element.

An example is shown below where the "SellerForBuyer" roleType belonging to a "Buyer-Seller" relationshipType is implemented by the participantType "Broker" which also implements the "SellerForShipper" roleType belonging to a "Seller-Shipper" relationshipType.

<roleType name="Buyer">
   . . .
</roleType>
<roleType name="SellerForBuyer">
    <behavior name="sellerForBuyer" interface="rns:sellerForBuyerPT"/>
</roleType>
<roleType name="SellerForShipper">

    <behavior name="sellerForShipper" interface="rns:sellerForShipperPT"/>
</roleType>
<roleType name="Shipper">
   . . .
</roleType>

<relationshipType name="Buyer-Seller">
    <roleType typeRef="tns:Buyer" />

    <roleType typeRef="tns:SellerForBuyer" />
</relationshipType>
<relationshipType name="Seller-Shipper">
    <roleType typeRef="tns:SellerForShipper" />
    <roleType typeRef="tns:Shipper" />
</relationshipType>

<participantType name="Broker">

   <roleType typeRef="tns:SellerForBuyer" />
   <roleType typeRef="tns:SellerForShipper" />
</participantType>

4.4 ChannelType

A channelType realizes a point of collaboration between participantTypes by specifying where and how information is exchanged. Additionally, channelType instance information, captured within channel variables, can be passed among participants in information exchanges. The channelType instances exchanged MAY be used in subsequent interaction activities. This allows the modeling of both static and dynamic message destinations when collaborating within a choreography. For example, a "Buyer" could specify channelType instance information to be used for sending delivery information. The "Buyer" could then send this channelType instance information to the "Seller" who then forwards it to the "Shipper". The "Shipper" could then send delivery information directly to the "Buyer" using the channelType instance information originally supplied by the "Buyer".

A channelType MUST describe the roleType and the type of a participant reference, conveying the information needed to address the participant being the target of an information exchange, either a receiver of a request action or a sender of a reply action, which is used for determining where and how to send or receive information to or from the participant.

A channelType MAY describe the type of the instance identity of one or more logical conversations between participants, where each conversation groups a set of related information exchanges. The channelType instance identity can be used to correlate multiple conversations (channel instances) within the same choreography instance.

One or more channelType instances MAY be passed around from one participant to another in an information exchange. A channelType MAY be used to:

• Restrict the number of times an instance of this channelType can be used

• Restrict the type of information exchange that can be performed when using an instance of this channelType

• Restrict the channelTypes that will be passed through an instance of this channelType

• Enforce that a passed channel instance is unique

The syntax of the channelType construct is:

<channelType  name="NCName"
              usage="once"|"distinct"|"shared"?
              action="request-respond"|"request"|"respond"? >

   <passing  channel="QName"
             action="request-respond"|"request"|"respond"?
             new="true"|"false"? />*

   <roleType typeRef="QName"  behavior="NCName"? />

   <reference>
      <token name="QName"/>
   </reference>

   <identity usage="primary"|"alternate"|"derived"|"association">
      <token name="QName"/>+
   <identity>*

</channelType>

The attribute name is used to specify a distinct name for each channelType element declared within a choreography package.

The OPTIONAL attribute usage is used to constrain the way in which an instance of this channelType, can be used. The values that can be used for this attribute are:

1. "once" - Once means that a channel instance of this channelType can be used for one interaction, or can be passed to another roleType. When a channel instance of this channelType is passed, the passer of the channel instance MUST relinquish control, for outputting only, of that instance and passes control to the receiver. A channel instance of this channelType MUST NOT be passed to more than one receiver at any one time.

2. "distinct" (default usage mode) - Distinct means that a channel instance of this channelType can be used multiple times by a participantType within multiple interactions. When a channel instance of this channelType is passed, the passer of the channel instance MUST relinquish control, for outputting only, of that instance and passes control to the receiver. A channel instance of this channelType MUST NOT be passed by a participantType to more than one receiver. In this mode, a participantType MUST NOT specify two or more concurrent interactions for the same channel instance with the same operation name.

3. "shared" - Shared means that a channel instance of this channelType can be used multiple times by multiple participantTypes within multiple interactions. When a channel instance of this channelType is passed, the participantType passing the channel instance MUST NOT relinquish control. In this mode, a participantType MUST NOT specify two or more concurrent interactions for the same channel instance with the same operation name.

The OPTIONAL attribute action is used to restrict the type of information exchange that can be performed when using a channel instance of this channelType. The type of information exchange performed could either be a request-respond exchange, a request exchange, or a respond exchange. The default value for this attribute is "request".

The OPTIONAL element passing describes the channelTypes of the channel instances that are passed from one participant to another when using an information exchange on a channel instance of this channelType. The OPTIONAL attribute action within the passing element, defines when a channel instance MUST be passed, either during a request exchange, during a response exchange or both. The default value for this attribute is "request". The OPTIONAL attribute new within the passing element, when set to "true", enforces a passed channel instance to be always unique. If the element passing is missing, then this channelType MAY be used for exchanging information, but MUST NOT be used for passing channel instances of any channelType.

The element roleType is used to identify the roleType of a participant, being the type of the target of an information exchange, which is then used for statically determining where and how to send or receive information to or from the participant. Each roleType is specified by the typeRef attribute of the roleType element. The "QName" value of the typeRef attribute of the roleType element MUST reference the name of a roleType defined in the choreography package. Within the roleType element, the OPTIONAL attribute behavior identifies a specific observable behavior, belonging to the roleType that is the target of an information exchange. If the behavior attribute is missing, then any one of the behavior types belonging to this roleType MAY be the target of an information exchange.

The element reference is used to specify the type of a participant reference, conveying the information needed to address the participant being the target of an information exchange, which is used for dynamically determining where and how to send or receive information to or from the participant. The type of a participant reference is distinguished by a token, as specified by the name attribute of the token element within the reference element.

The OPTIONAL list of identity elements MAY be used to associate a unique identity for each instance of the channelType. The identity is defined by a set of tokens specified by the name attribute of the token element within the identity element. If two identity elements are specified within the same or different channelType elements, and they have the same set of named tokens in the same order, then they are considered to represent the same identity type.

The identity element has a mandatory usage attribute, which defines the purpose of the identity in the context of the channelType. The values for this attribute are:

1. "primary" - The 'primary' usage classification means that the identity is created by the initial message on an instance of this channelType. A channelType must have only one 'primary' identity field.

   An example for using this attribute is shown below.

   <channelType name="OrderChannel">
     …
     <identity usage="primary">
       <token name="OrderId" />
     </identity>
   
   </channelType>
   

   This means that all messages (requests and responses) exchanged on this "OrderChannel" must contain the 'OrderId' field.

2. "alternate" - The 'alternate' usage classification means that an alternative identity for a channelType instance can be established. The alternate identity can be initialized based on any message within the channel instance's conversation (i.e. it does not have to be the first). If it is not the first message, then the message must also contain either the channel instance's primary key, or another previously initialized alternate identity, to bind the identity to the channel instance. Once the alternate identity has been bound to the channel instance, subsequent messages that only contain that alternate identity will be correlated to the channel instance.

   An example for using this attribute is shown below.

   <channelType name="OrderChannel">
     …
     <identity usage="primary">
   
       <token name="OrderId" /> 
     </identity> 
     <identity usage="alternate"> 
       <token name="TxnId" />
     </identity>
   </channelType>
   

   In this example, an "OrderChannel" channel instance will be identified initially by the value of the 'OrderId' field. However, at some point in the conversation, a message will be exchanged containing the 'TxnId' field. Once this message has occurred, subsequent messages on this channel instance can be correlated based on either the primary 'OrderId' field, or the alternate 'TxnId' field.

3. "derived" - The 'derived' usage classification means that the identity will be derived from a message sent on the current channel instance (conversation), but it does not directly determine the identity of that current channel instance. Subsequently another channel instance (of the same or different channelType) will reference this identity value in its 'primary' identity field, and that will cause the referencing channel instance to become correlated with the current channel instance in the same choreography instance.

   An example for using this attribute is shown below.

   <channelType name="OrderChannel">
     …
     <identity usage="primary">
       <token name="OrderId" />
     </identity>
   
     <identity usage="derived">
       <token name="DeliveryId" />
     </identity>
   </channelType>
   
   <channelType name="DeliveryChannel">
     …
     <identity usage="primary">
   
       <token name="DeliveryId" />
     </identity>
   </channelType>
   

   In this example, the 'OrderId' identifies the "OrderChannel" channel instance, and at some point during its conversation it will exchange a message that contains the 'DeliveryId' information. Although this identity is not relevant from the perspective of the "OrderChannel", it can subsequently be used to determine the identity of the "DeliveryChannel" channel instance, and consequently bind the "DeliveryChannel" instance to the same choreography instance as the original "OrderChannel" channel instance.

4. "association" - The 'association' usage classification means that this channel instance is correlated to a previous channel instance identity, and therefore is associated with the same choreography instance as the previous channel instance. An identity with this classification is not used to determine the identity of the current channel instance, only to establish the association with a previous channel instance within the same choreography instance. The identity can either relate to another identity definition (in another channelType) that has a usage classification of 'primary'/'alternate', or that has the 'derived' classification. The initial message in the channel instance MUST contain the information to resolve this identity field.

   An example for using this attribute is shown below.

   <channelType name="OrderChannel">
     …
     <identity usage="primary">
       <token name="OrderId" />
     </identity>
   </channelType>
   
   <channelType name="SupplierChannel">
   
     …
     <identity usage="association">
       <token name="OrderId" />
     </identity>
   
     <identity usage="primary">
       <token name="SupplierName" />
   
       <token name="OrderId" />
     </identity>
   </channelType>
   

   This example shows how a choreography can contain a single "OrderChannel" channel instance, and zero or more "SupplierChannel" channel instances correlated with it based on an 'association' to the identity established for the "OrderChannel" channel instance.

5.1 InformationType

InformationTypes describe the type of information used within a choreography. By introducing this abstraction, a choreography definition avoids directly referencing the data types, as defined within a WSDL document or an XML Schema document.

The syntax of the informationType construct is:

<informationType name="NCName"
                 type="QName"?|element="QName"? />

The attribute name is used to specify a distinct name for each informationType element declared within a choreography package.

The OPTIONAL attributes type and element describe the type of information used within a choreography as a WSDL 1.1 Message Type, an XML Schema type, a WSDL 2.0 Schema element or an XML Schema element. The attributes type and element MUST be mutually exclusive.

The examples below show some possible usages of the informationType construct.

Example 1: The informationType "purchaseOrder" refers to the WSDL 1.1 Message type "pns:purchaseOrderMessage"

   <informationType name="purchaseOrder" type="pns:purchaseOrderMessage"/>

Example 2: The informationType "customerAddress" refers to the WSDL 2.0 Schema element "cns:CustomerAddress"

   <informationType name="customerAddress" element="cns:CustomerAddress"/>

Example 3: The informationType "intType" refers to the XML Schema type "xsd:int"

   <informationType name="intType" type="xsd:int"/>

5.2 Variables

Variables capture information about objects in a choreography as defined by their usage:

• Information exchange capturing variables contain information, such as an "Order", that are:

  • Used to populate the content of a message to be sent, before or at the occurrence of message-has-been-sent-event or
  • Populated as a result of a message-received-event occurrence

• State capturing variables contain information about the observable changes at a roleType as a result of information being exchanged. For example, when a "Buyer" sends an "Order" to a "Seller", the "Buyer" could have a variable called "OrderState" set to a value of 'OrderSent' and once the "Seller" received the message, the "Seller" could have a variable called "OrderState" set to a value of 'OrderReceived'. The "OrderState" at the "Buyer" is not the same variable as the "OrderState" at the "Seller"

• Channel capturing variables contain information such as: the "URL" to which the message could be sent, the policies that are to be applied (e.g. security), whether or not reliable messaging is to be used, etc. How and where such information is expressed is outside the scope of this specification

• Exception capturing variables contain information about a caused exception

The value of a variable:

• Is available to roleTypes within a choreography, as specified in the variable Definition, and when the variable contains information that is common knowledge. For example, the variable "OrderResponseTime" which specifies the time in hours in which a response to an "Create Order" request must be sent is initialized prior to the initiation of a choreography and can be used by all roleTypes within the choreography, if the variable is defined for all roleTypes

• Can be made available as a result of an interaction

  • An information exchange capturing variable is populated and becomes available at the specified roleTypes at the ends of an interaction
  • State capturing variables, that contain information about the observable information changes of a roleType as a result of information being exchanged and recorded, which become available at the ends of an interaction

• Can be created or changed and made available locally at a roleType by assigning data from other information. It can be an information exchange, state or channel capturing variable. For example, "Maximum Order Amount" could be data created by a "Seller" that is used together with an actual "Order amount" from a "Create Order" request received at the "Seller" to control the ordering of the choreography. In this case how "Maximum Order Amount" is calculated and its value would not be known by the other roleTypes

• Can be used to determine the decisions and actions to be taken within a choreography

• That is defined at different roleTypes that are part of the same participantType is shared between these roleTypes when the variables have the same name

If an uninitialized variable is used in any action, except for a blocking workunit or if used in the WS-CDL function isVariableAvailable , then the result of the action is undefined.

The variableDefinitions construct is used for defining one or more variables within a choreography.

The syntax of the variableDefinitions construct is:

<variableDefinitions>
   <variable   name="NCName"
       informationType="QName"?|channelType="QName"?
       mutable="true|false"?
       free="true|false"?
       silent="true|false"?
       roleTypes="list of QName"? />+

</variableDefinitions>

A variable defined using the attribute informationType specifies either information exchange capturing variables or state capturing variables. A variable defined using the attribute channelType specifies channel capturing variables. The attributes informationType and channelType MUST be mutually exclusive.

The OPTIONAL attribute mutable , when set to "false", specifies that the variable information MUST NOT change once initialized. The default value for this attribute is "true".

The OPTIONAL attribute silent , when set to "true" specifies that there SHOULD NOT be any activity used for creating or changing this variable in the choreography. A silent variable is used to represent the result of actions within a participant that are either not observable or are of no interest from the WS-CDL perspective. The default value for this attribute is "false".

The OPTIONAL attribute free , when set to "true" specifies that a variable defined in an enclosing choreography is also used in this choreography, thus sharing the variable's information. The following rules apply in this case:

• The type (as specified by the informationType or the channelType attributes) of a free variable MUST match the type of the variable defined in an enclosing choreography

• The attributes silent and mutable of a free variable MUST match the attributes silent and mutable of the variable defined in an enclosing choreography

• A perform activity MUST bind a free variable defined in a performed choreography with a variable defined in a performing choreography

The OPTIONAL attribute free , when set to "false" specifies that the variable is defined in this choreography. The default value for the free attribute is "false".

The OPTIONAL attribute roleTypes is used to specify an XML-Schema list of one or more roleTypes of a participant at which the variable information will reside. A variable defined without a roleType is equivalent to a variable that is defined at all the roleTypes that are part of the relationshipTypes of the choreography where the variable is defined. For example, if choreography "choreo1" has relationshipType "rel" that has roleTypes "roleType1" and "roleType2", then a variable "var" defined in choreography "choreo1" without a roleTypes attribute means it is defined at both "roleType1" and "roleType2".

The attribute name is used to specify a distinct name for each variable declared within the variableDefinitions element. In those cases where the visibility of a variable is wholly within a single roleType, then that roleType needs to be named in the definition of the variable as the roleType using the attribute roleTypes . In those cases where the variable is shared amongst a subset of roleTypes within a choreography, those roleTypes need to be listed within the definition of the variable as the roleTypes using the attribute roleTypes .

5.3 Expressions

Expressions can be used within WS-CDL to create new information, and to obtain or change existing information.

Generic expressions and literals can be used to populate variables. Predicate expressions can be used within WS-CDL to specify conditions. Query expressions are used within WS-CDL to specify queries.

The language used in WS-CDL for specifying expressions and queries or conditional predicates MUST be XPath 1.0.

WS-CDL defines a set of XPath 1.0 extension functions that implementers MUST support. The functions are defined in the standard WS-CDL namespace http://www.w3.org/2005/10/cdl. The prefix "cdl:" is associated with this namespace.

5.4 Token and TokenLocator

A token is an alias for a piece of data in a variable or message that needs to be used by a choreography. Tokens differ from variables in that variables contain values which MAY be populated as the result of actions or events within a choreography life-line whereas tokens contain information that define the piece of the data that is relevant.

All tokens MUST have an informationType, for example, an "Order Id" could be of type 'alphanumeric' and a "Counter" could be of type 'integer'.

Tokens reference a document fragment within a choreography definition. Token locators provide a query mechanism to select tokens. By introducing these abstractions, a choreography definition avoids depending on specific message types as described by WSDL, or a specific query string as specified by XPath 1.0. Instead, the document part and the query string can change without affecting the choreography definition.

The syntax of the token construct is:

<token  name="NCName"  informationType="QName" />

The attribute name is used to specify a distinct name for each token element declared within a choreography package.

The attribute informationType identifies the type of the document fragment.

The syntax of the tokenLocator construct is:

<tokenLocator name="NCName"? tokenName="QName" 
               informationType="QName" 
               part="NCName"?
               query="XPath-expression" />

The OPTIONAL attribute name is used to specify a distinct name for each tokenLocator element declared within a choreography package.

The attribute tokenName identifies the name of the token that the document fragment locator is associated.

The attribute informationType identifies the type of the document on which the query is performed to locate the token.

The OPTIONAL attribute part defines the document part on which the query is performed to locate the token. This attribute SHOULD NOT be defined for a WSDL 2.0 document.

The attribute query defines the query string that is used to select a document fragment within a document or a document part.

The example below shows that the token "purchaseOrderID" is of XML-Schema type 'int'. The two token locators show how to access this token in the "purchaseOrder" and "purchaseOrderAck" messages.

<token name="purchaseOrderID" informationType="xsd:int"/>

<tokenLocator tokenName="tns:purchaseOrderID" informationType="purchaseOrder"       
                query="/PO/OrderId"/>
<tokenLocator tokenName="tns:purchaseOrderID" informationType="purchaseOrderAck" 
                query="/POAck/OrderId"/>

5.5 Choreography

A choreography defines re-usable common rules that govern the ordering of exchanged messages, and the provisioning patterns of collaborative behavior, as agreed upon between two or more interacting participants.

A choreography defined at the choreography package level is called a top-level choreography, and does not share its context with other top-level choreographies. A choreography package MUST contain zero or one top-level choreography, marked explicitly as the root choreography.

The re-usable behavior encapsulated within a choreography MAY be performed within an isolated enclosed choreography, thus facilitating composition. The performed choreography is then called an enclosed choreography and MAY be defined:

• locally - its definition is contained within the enclosing choreography

• globally - a separate top-level, non-root choreography definition is specified in the same or in a different choreography package that can be used by other choreographies and hence the contract described becomes reusable

The root choreography is the only choreography that is enabled by default, whereas a non-root choreography is enabled only when performed.

A choreography MUST contain at least one relationshipType, enumerating the observable behavior this choreography requires its participants to exhibit. One or more relationshipTypes MAY be defined within a choreography, modeling multi-participant collaborations.

A choreography acts as a lexical name scoping context for variables. A variable defined in a choreography is visible for use in this choreography and all its enclosed choreographies up to the point that the variable is redefined as a non-free variable, thus forming a choreography visibility horizon for this variable.

A choreography MAY contain one or more choreography definitions that MAY be performed only locally within this choreography.

A choreography MUST contain an Activity-Notation. The Activity-Notation specifies the actions of the choreography that perform work. These actions are enabled when the choreography they belong to is enabled.

A choreography MAY define an exceptionBlock to recover from unusual conditions that can occur.

An enclosed choreography that has successfully completed MAY need to provide finalization actions that confirm, cancel or otherwise modify the effects of its completed actions. To handle these modifications, one or more separate finalizerBlocks MAY be defined for an enclosed choreography.

A choreography can also be coordinated. Choreography coordination guarantees that all involved roleTypes agree on how the choreography ended. That is, if the choreography completed successfully or suffered an exception, and if the choreography completed successfully and finalizerBlocks were installed, all roleTypes have the same finalizerBlock enabled.

The Choreography-Notation is used to define a choreography as follows:

<choreography  name="NCName"
      complete="xsd:boolean XPath-expression"?
      isolation="true"|"false"?
      root="true"|"false"?
      coordination="true"|"false"? >

   <relationship  type="QName" />+

   variableDefinitions?

   Choreography-Notation*

      Activity-Notation 

   <exceptionBlock  name="NCName">
      WorkUnit-Notation+
   </exceptionBlock>?

   <finalizerBlock  name="NCName">

      Activity-Notation
   </finalizerBlock>*
</choreography>

The attribute name is used to specify a distinct name for each choreography element declared within a choreography package.

The OPTIONAL complete attribute makes it possible to explicitly complete a choreography as described below in the choreography life-line section. This Boolean conditional expression MUST use short circuit evaluation according to the XPath 1.0 lexical rules.

The OPTIONAL isolation attribute specifies when a variable defined in an enclosing choreography, and changed within an enclosed choreography, is available to its sibling choreographies. The default value for this attribute is "false". The following rules apply:

• When isolation is set to "false", the variable information MAY be immediately overwritten by actions in its sibling choreographies.

• When isolation is set to "true", changes to the variable information MUST be visible for read or for write to its sibling choreographies only after this choreography has completed.

An isolated choreography MUST NOT directly or indirectly perform another isolated choreography.

If a choreography has its isolation attribute set to "true", then any and all enclosed choreographies MUST assume this isolation value.

The OPTIONAL coordination attribute specifies whether choreography coordination is required. The default value for this attribute is "false". The following rules apply:

• When the coordination attribute is set to "true", choreography coordination is required and a coordination protocol MUST ensure that all the roleTypes agree on how the choreography ended.

• When the coordination attribute is set to "false", the choreography is not bound to a coordination protocol. Since none of the above guarantees of agreement on the outcome apply, any required coordination SHOULD be performed using explicitly modeled interactions.

The relationship element within the choreography element enumerates the relationships this choreography MAY participate in.

The OPTIONAL variableDefinitions element enumerates the variables defined in this choreography.

The OPTIONAL root element marks a top-level choreography as the root choreography of a choreography package. The default value for this attribute is "false".

The OPTIONAL Choreography-Notation within the choreography element defines the locally defined choreographies that MAY be performed only within this choreography.

The OPTIONAL exceptionBlock element defines the exceptionBlock of a choreography by specifying one or more exception workunits using a WorkUnit-Notation. Within this element, the attribute name is used to specify a name for this exceptionBlock element.

The OPTIONAL finalizerBlock element defines a finalizerBlock for a choreography. A choreography MAY have more than one finalizerBlock. Each finalizerBlock specifies one finalizer activity using an Activity-Notation. If a choreography defines more than one finalizerBlock, then each MUST be differentiated by a distinct name as specified with the name attribute within the finalizerBlock element.

5.6 WorkUnit

A workunit prescribes the constraints that have to be fulfilled for making progress and thus performing work within a choreography. A workunit can also prescribe the constraints that preserve the consistency of the collaborations commonly performed between the participants. Using a workunit, an application can recover from errors that are the result of abnormal actions and can also finalize successfully completed choreographies that need further action. For example, to confirm or logically roll back effects, or to close the choreography so that any defined "rollback" workunit will not be enabled. Examples of a workunit include:

• A "Change Order" workunit that can be performed whenever an order acknowledgement message has been received and an order rejection has not been received.

• An "Order Delivery Error" workunit that is performed whenever the "Place Order" workunit did not reach a 'normal' conclusion. This would have a constraint that identifies the error.

The guard condition of a workunit, if specified, expresses the interest on one or more variable's information (that already exist or will become available in the future) being available under certain prescribed constraints. The workunit's expressed interest MUST be matched for its enclosed actions to be enabled.

A workunit MUST complete successfully when all its enclosed actions complete successfully.

A workunit that completes successfully MUST be considered again for matching (based on its guard condition), if its repetition condition evaluates to "true".

The WorkUnit-Notation is used to define a workunit as follows:

<workunit  name="NCName"
      guard="xsd:boolean XPath-expression"? 
      repeat="xsd:boolean XPath-expression"? 
      block="true|false"? >

      Activity-Notation 
</workunit>

The attribute name is used to specify a name for each workunit element declared within a choreography package.

The Activity-Notation specifies the enclosed actions within a workunit.

The OPTIONAL attribute guard specifies the guard condition of a workunit. This Boolean conditional expression MUST use short circuit evaluation according to the XPath 1.0 lexical rules.

The OPTIONAL attribute repeat specifies the repetition condition of a workunit. This Boolean conditional expression MUST use short circuit evaluation according to the XPath 1.0 lexical rules.

The OPTIONAL attribute block specifies whether the workunit has to block waiting for referenced variables within the guard condition to become available (if they are not already) and the guard condition to evaluate to "true". This attribute MUST always be set to "false" in exception workunits. The default value for this attribute is "false".

As detailed above, the following rules apply:

• When a guard condition is not specified then the workunit always matches

• One or more workunits MAY be matched concurrently if their respective expressed interests are matched

• When a repetition condition is not specified then the workunit is not considered again for matching after the workunit was matched once

• One or more variables can be specified in a guard condition or repetition condition, using XPath 1.0 and the WS-CDL functions, as described in Section 5.3.1

• The WS-CDL function getVariable is used in the guard or repetition condition to obtain the value of a variable at the specific roleType (i.e. it can not be used to perform a remote value fetch)

• When the WS-CDL function isVariableAvailable is used in the guard or repetition condition, it means that the workunit that specifies the guard or repetition condition is checking if a variable is already available at a specific roleType or is waiting for a variable to become available at a specific roleType, based on the block attribute being "false" or "true" respectively

• When the WS-CDL function variablesAligned is used in the guard or repetition condition, it means that the workunit that specifies the guard or repetition condition is checking or waiting for an appropriate alignment interaction to happen between the two roleTypes, based on the block attribute being "false" or "true" respectively. The variables checked or waited for alignment are the sending and receiving ones in an alignment interaction or the ones used in the recordings at the two roleTypes at the ends of an alignment interaction. When the variablesAligned WS-CDL function is used in a guard or repetition condition, then the relationshipType within the variablesAligned MUST be the subset of the relationshipType that the immediate enclosing choreography defines

• Variables defined at different roleTypes MAY be used in a guard condition or repetition condition to form a globalized view, thus combining constraints prescribed for each roleType but without requiring that all these constraints have to be fulfilled for progress to be made. The globalizedTrigger WS-CDL function MUST be used in a guard condition or repetition condition in this case. Variables defined at the same roleType MAY be combined together in a guard condition or repetition condition using all available XPath 1.0 operators and all the WS-CDL functions

• If the attribute block is set to "true" and one or more required variables are not available or the guard condition evaluates to "false", then the workunit MUST block. When the required variable information specified by the guard condition become available and the guard condition evaluates to "true", then the workunit is matched. If the repetition condition is specified, then it is evaluated when the workunit completes successfully. Then, if the required variable information specified by the repetition condition is available and the repetition condition evaluates to "true", the workunit is considered again for matching. Otherwise, the workunit is not considered again for matching

• If the attribute block is set to "false", then the guard condition or repetition condition assumes that the variable information is currently available. If either the variable information is not available or the guard condition evaluates to "false", then the workunit matching fails and the Activity-Notation enclosed within the workunit is skipped and the repetition condition is not evaluated even if specified. Otherwise, if the workunit matching succeeds, then the repetition condition, if specified, is evaluated when the workunit completes successfully. Then, if the required variable information specified by the repetition condition is available and the repetition condition evaluates to "true", the workunit is considered again for matching. Otherwise, the workunit is not considered again for matching

The examples below demonstrate some usages of a workunit:

a. Example of a workunit with block equals to "true":

In the following workunit, the guard condition waits on the availability of "POAcknowledgement" at "Customer" roleType and if it is already available, the activity happens, otherwise, the activity blocks until the variable "POAcknowledgement" becomes available at the "Customer" roleType.

<workunit  name="POProcess" 
           guard="cdl:isVariableAvailable('POAcknowledgement','','','tns:Customer')"
      block="true">
   ... <!--some activity -->

</workunit>

b. Example of a workunit with block equals to "false":

In the following workunit, the guard condition checks if the variable "StockQuantity" at the "Retailer" roleType is available and is greater than 10 and if so, the activity happens. If either the variable is not available or its value is less than '10', then the matching condition is "false" and the activity is skipped.

<workunit  name="StockCheck" 
    guard="cdl:getVariable('StockQuantity','','/Product/Qty', 'tns:Retailer') > 10)"
    block="false" >
   ... <!--some activity -->

</workunit>

c. Example of a workunit waiting for alignment to happen:

In this example the workunit waits until the "purchase order" information at the "Customer" and the "Retailer" roleTypes have been aligned based on a previous interaction. Alignment means that both roleTypes have agreement on the values of their respective "purchase order" variables:

<roleType name="Customer">
   . . .
</roleType>
<roleType name="Retailer">

   . . .
</roleType>
<relationshipType name="Customer-Retailer-Relationship">
    <roleType typeRef="tns:Customer" />
    <roleType typeRef="tns:Retailer" />
</relationshipType>

<workunit  name="WaitForAlignment" 
       guard="cdl:variablesAligned('
                    PurchaseOrderAtBuyer','PurchaseOrderAtSeller',
                    'tns:Customer-Retailer-Relationship')"
       block="true" >

   ... <!--some activity -->
</workunit>

5.7 Choreography Life-line

A choreography life-line expresses the progression of a collaboration through enabled activities and enclosed choreographies. Initially, the collaboration is established between participants, then work is performed within it and finally it ends.

Distinct instances of a top-level or enclosed choreography, if they are ever performed in a temporarily overlapped fashion, MUST NOT interfere with each other in their involved communication actions. In other words, given a choreography description, interactions belonging to one of its instances MUST be logically, and hence operationally, distinguishable from those in another.

A choreography session is initiated, establishing a new collaboration between participants, upon the occurrence of the first interaction in the flow which begins at the root choreography. This causes the exceptionBlock to be installed and the choreography enters the Enabled State . Before this point there is no observable association between any of the participants.

Two or more interactions MAY cause a choreography session to be initiated, if they represent alternate flow paths from the root choreography. In this case, the first performed interaction will establish the collaboration and the other interactions will enlist with the already established collaboration.

A choreography in an Enabled State MUST complete unsuccessfully when an exception is caused in the choreography and its exceptionBlock, if present, MUST be enabled. This MUST cause the choreography to enter the Unsuccessfully Completed State.

The unsuccessfully completed choreography MUST enter the Closed State once the exceptionBlock, if present, is completed. If the exceptionBlock is not present, the choreography implicitly enters the Closed State and the exception occurred MUST be propagated to the enclosing choreography, if an enclosing choreography exists.

A choreography in an Enabled State MUST complete successfully when there are no more enabled activities within its body. This causes its exceptionBlock, where present, to be deinstalled, finalizerBlocks to be installed if specified, and the choreography enters the Successfully Completed State.

Alternatively, a choreography MUST complete successfully if its complete condition, is matched by evaluating to "true". A complete condition is considered for matching while the choreography is in Enabled State. The complete condition MUST be possible to be matched in all roleTypes that participate in the choreography. When the complete condition of a choreography is matched then all activities in the choreography MUST be disabled, except for any finalizerBlocks, and the choreography completes as if there were no more enabled activities within it. When a choreography completes, all uncompleted enclosed choreographies MUST automatically become successfully completed. Messages that were sent as part of a choreography that has since completed MUST be ignored. If a finalizerBlock has been entered when the complete condition evaluates to "true", then it is unaffected and its messages MUST NOT be ignored.

A choreography, in a Successfully Completed State enters the Closed State if no finalizerBlocks were specified in that choreography.

A choreography in a Successfully Completed State with finalizerBlocks specified enters the Closed State when one of its installed finalizerBlocks is enabled and completed. The finalizerBlock of a choreography is enabled by a finalize activity in the immediately enclosing choreography. Alternatively, a choreography in a Successfully Completed State with finalizerBlocks specified implicitly enters the Closed State when its enclosing choreography enters the Closed State without enabling the finalizerBlocks of its enclosed choreography. In other words, when a choreography enters the Closed State, all its enclosed successfully completed choreographies are implicitly entering the Closed State even if none of their finalizerBlocks has been enabled.

5.8 Choreography Exception Handling

A choreography can sometimes fail as a result of an exceptional circumstance or an "error" that occurred during its performance. Different types of exceptions are possible including this non-exhaustive list:

• Interaction failures - for example, the sending of a message did not succeed

• Protocol based exchange failures - for example, no acknowledgement was received as part of a reliable messaging protocol

• Security failures - for example, a message was rejected by a recipient because the digital signature was not valid

• Timeout errors - for example, an interaction did not complete within the required time

• Validation errors - for example, an XML "Order" document was not well formed or did not conform to its XML-Schema definition

• Application failures - for example, the "Goods Ordered" were 'Out of stock'

Within WS-CDL, one or more exception workunits MAY be defined within the exceptionBlock of a choreography for each exception that needs to be handled. At least one exception workunit MUST be defined as part of the exceptionBlock of a choreography.

An exception workunit MAY express interest on the occurrence of a particular type of exception using its guard condition with the hasExceptionOccurred WS-CDL function. If no guard condition is specified, then the exception workunit is called the default exception workunit and expresses interest on any type of exception. Within the exceptionBlock of a choreography there MUST NOT be more than one default exception workunit. An exception workunit MUST always set its block attribute to "false" and MUST NOT define a repetition condition.

Exception workunits MUST be enabled when the exceptionBlock of the choreography they belong to is enabled. Enabled exception workunits in a choreography MAY behave as the mechanism to recover from exceptions occurring in this and its enclosed choreographies.

Within the exceptionBlock of a choreography only one exception workunit MAY be matched.

The rules for matching an exception are:

• When an exception workunit has a guard condition using the hasExceptionOccurred(exceptionType) WS-CDL function, then it MUST be matched when the "QName" value of a caused exception matches the exceptionType parameter specified

• If an exception is matched by the guard condition of an exception workunit, then the actions of the matched workunit are enabled. When two or more exception workunits are defined then the order of evaluating their guard conditions is based on the order that the workunits have been defined within the exceptionBlock

• If none of the guard conditions match, then if there is a default exception workunit without a guard condition defined then its actions are enabled

• If an exception is not matched by an exception workunit defined within the choreography in which the exception occurs, the exception will be recursively propagated to the exception workunit of the immediate enclosing choreography until a match is successful

• If an exception occurs within a choreography, then the choreography completes unsuccessfully. In this case its finalizerBlocks MUST NOT be installed. The actions within this choreography, including enclosed choreographies that have not completed, are completed abnormally before an exception workunit can be matched

The actions within the exception workunit MAY use variable information visible in the visibility horizon of the choreography it belongs to as they stand at the current time.

The actions of an exception workunit MAY also cause an exception. The semantics for matching the exception and acting on it are the same as described in this section.

5.9 Choreography Finalization

After a choreography instance has successfully completed, it MAY need to provide finalization actions that confirm, cancel or otherwise modify the effects of its completed actions. To handle these modifications, one or more separate finalizerBlocks MAY be defined for an enclosed choreography. When its choreography body completes successfully, and associated finalizerBlocks are specified, the finalizerBlocks MUST be installed.

If more than one finalizerBlock is defined for the same choreography, each of them MUST be differentiated by their name attributes. However, at most one finalizerBlock MAY be enabled for any given choreography instance during the subsequent progress, including exception handling and finalization, of the enclosing choreography.

FinalizerBlocks MAY implement whatever actions are appropriate for the particular choreography. Common patterns might include:

• A single finalizerBlock to semantically "rollback" the choreography

• Two finalizerBlocks, for example one with name "confirm" and one with name "cancel", to implement a two-phase outcome protocol

• One "undo" finalizerBlock and one "close" finalizerBlock. If the "close" finalizer is enabled, then the choreography will be closed and the "undo" finalizerBlock can no longer be enabled

The actions within the finalizer activity MAY use variable information visible in the visibility horizon of the choreography it belongs to as they were at the time the choreography completed for the variables belonging to this choreography and as they stand at the current time for the variables belonging to the enclosing choreography.

The actions of a finalizer activity MAY fault. The semantics for matching the fault and acting on it are the same as described in Section 5.8.

5.10 Choreography Coordination

Choreography coordination guarantees that all involved roleTypes will agree on how the choreography ended. That is, all roleTypes will agree on whether the choreography completed successfully or suffered an exception, and if the choreography completed successfully and finalizerBlocks were installed, all roleTypes will agree on which finalizerBlock was enabled. Such agreement differs from interaction based alignment in that the coordinated choreography as a whole is aligned, regardless of whether each interaction in the coordinated choreography is aligned. In contrast to alignment interactions, a coordinated choreography provides a larger unit of coordination - a set of interactions that end with shared knowledge among all the participantTypes that their collaboration is in a defined state. Such a unit need not be aligned at each step - it is only required that clear alignment points are made to guarantee that all involved roleTypes will agree on how the choreography ended.

Choreographies defined as requiring coordination must be bound to a coordination protocol. When choreography coordination is not required, then the choreography is not bound to a coordination protocol and, since none of the above guarantees of agreement on the outcome apply, any required coordination should be performed using explicitly modeled interactions.

The implications of choreography coordination differ for root choreographies versus enclosed choreographies:

• An enclosed choreography MAY have one or more finalizerBlocks. In this case, coordination means that all roleTypes agree on whether the choreography completed successfully or suffered an exception. If the choreography completed successfully and finalizerBlocks were installed, all roleTypes agree on which finalizerBlock was enabled

• A root choreography can also be coordinated, but it MUST NOT have any finalizerBlocks. In this case, coordination means that all roleTypes agree on whether the choreography completed successfully or suffered an exception

• In both cases, all roleTypes MUST agree on whether the choreography completed successfully, or if an exception occurs, all roleTypes MUST experience an exception rather than successful completion. When an exception occurs within a choreography, the coordination protocol will throw an exception to roleTypes which have not otherwise detected the exception that occurred

An exception MUST be propagated to all participants in the choreography using explicitly modeled, exception causing interactions when the choreography is not coordinated. This MUST cause the choreography to enter the exception state, and its exceptionBlock, if specified, MUST be enabled.

The two examples below show two usages of coordinated choreographies.

Example 1: Coordinated credit authorization without finalizerBlocks:

<informationType name="creditDeniedType" />

<!-- Coordinated CreditAuthorization Choreography without finalizerBlocks-->
<choreography name="CreditAuthorization" root="false" coordination="true">
   <relationship type="tns:CreditReqCreditResp"/>
   <variableDefinitions>
      <variable name="CreditExtended" informationType="xsd:int" silent="true"       
                roleTypes="tns:CreditResponder"/>
      <variable name="creditRequest"/>
      <variable name="creditAuthorized"/>

      <variable name="creditDenied" informationType = "tns:creditDeniedType"/>
   </variableDefinitions>
   
   <!-- the normal work - receive the request and decide whether to approve -->
   <interaction name="creditAuthorization" channelVariable="tns:CreditRequestor" 
                operation="authorize">
      <participate relationshipType="SuperiorInferior"
                   fromRoleTypeRef="tns:Superior" 
                   toRoleTypeRef="tns:Inferior"/>
      <exchange name="creditRequest" informationType="creditRequest" 
                action="request">

         <send variable="getVariable('tns:creditRequest','','')"/>
         <receive variable="getVariable('tns:creditRequest','','')"/>
      </exchange>
      <exchange name="creditAuthorized" informationType="creditAuthorizedType"   
                action="respond">
         <send variable="getVariable('tns:creditAuthorized','','')"/>
         <receive variable="getVariable('tns:creditAuthorized','','')"/>

      </exchange>
      <exchange name="creditDenied" informationType="creditDeniedType" 
                action="respond">
         <send variable="getVariable('tns:creditDenied','','')"
                         causeException="tns:creditDenied"/>
         <receive variable="getVariable('tns:creditDenied','','')"
                         causeException="tns:creditDenied"/>
      </exchange>
   </interaction>

   <!-- catch the (application) exception - as an exception it will abort the 
        choreography -->
   <exceptionBlock name="handleBadCreditException">
     <workunit  name="handleBadCredit" >
                <interaction name="badCreditInteraction" 
                             channelVariable="tns:CreditResponder"
                             operation="creditDenied">
                    <participate relationshipType="CreditReqCreditResp"
                         fromRoleTypeRef="tns:Responder"
                         toRoleTypeRef="tns:CreditRequestor"/>
      </interaction>

     </workunit>
  </exceptionBlock>
</choreography>

Example 2: Coordinated credit authorization with finalizerBlocks

<informationType name="creditDeniedType" />

<!-- Coordinated CreditAuthorization Choreography with finalizerBlocks -->
<choreography name="CreditAuthorization" root="false" coordination="true">
   <relationship type="tns:CreditReqCreditResp"/>
   <variableDefinitions>
      <variable name="CreditExtended" informationType="xsd:int" silent="true"  
                roleTypes="tns:CreditResponder"/>
      <variable name="creditRequest"/>

      <variable name="creditAuthorized"/>
      <variable name="creditDenied" informationType = "creditDeniedType"/>
   </variableDefinitions>

   <!-- the normal work -receive the request and decide whether to approve -->
   <interaction name="creditAuthorization" channelVariable="tns:CreditRequestor"  
                operation="authorize">
      <participate relationshipType="SuperiorInferior"
                   fromRoleTypeRef="tns:Superior" 
                   toRoleTypeRef="tns:Inferior"/>

      <exchange name="creditRequest" informationType="creditRequest"  
             action="request">
         <send variable="tns:creditRequest"/>
         <receive variable="tns:creditRequest"/>
      </exchange>
      <exchange name="creditAuthorized" informationType="creditAuthorizedType" 
                action="respond">
         <send variable="tns:creditAuthorized"/>

         <receive variable="tns:creditAuthorized"/>
      </exchange>
      <exchange name="creditDenied" informationType="creditDeniedType" 
                action="respond">
         <send variable="tns:creditDenied" causeException="tns:creditDenied"/>
         <receive variable="tns:creditDenied" causeException="tns:creditDenied"/>
      </exchange>

   </interaction>

   <!-- catch the (application) exception - as an exception it will abort the 
        choreography and the finalizerBlocks are not accessible -->
   <exceptionBlock name="handleBadCreditException">
       <workunit  name="handleBadCredit" >
          <interaction name="badCreditInteraction" 
                channelVariable="tns:CreditResponder"
                operation="creditDenied">
                <participate relationshipType="CreditReqCreditResp"
                      fromRoleTypeRef="tns:Responder"
                      toRoleTypeRef="tns:CreditRequestor"/>

          </interaction>
       </workunit>
   </exceptionBlock>

   <!-- finalizerBlocks -->
   <!-- what to do if the credit is drawn down -->
   <finalizerBlock name="drawDown">

      <!-- if there is no application content to send, this could just be an 
           assignment to the statecapturevariable creditExtended -->
       <workunit  name="drawdown" >
            <interaction name="drawdownInteraction" 
                         channelVariable="tns:CreditRequestor"
                         operation="drawDown">
                  <participate relationshipType="CreditReqCreditResp"
                      fromRoleTypeRef="tns:CreditRequestor"
                      toRoleTypeRef="tns:CreditResponder"/>
                  <exchange name="dummy" action="request">
                      <send></send>

                      <receive recordReference="drawdownRecord"/>
                  </exchange>  
                 <record name="drawdownRecord" when="before">
                      <source expression="drawnDown"/>
                      <target variable="CreditExtended"/>
                  </record>               
            </interaction>

           </workunit>
   </finalizerBlock>

   <!-- what to do if the credit is not used -->
   <finalizerBlock name="replenish">      
   <!-- if there is no application content to send, this could just be an  
           assignment to the state capturing variable creditExtended -->
       <workunit name="replenishWU">

            <interaction name="replenishInteraction" 
                         channelVariable="tns:CreditRequestor"
                         operation="replenish">
                <participate relationshipType="CreditReqCreditResp"
                      fromRoleTypeRef="tns:CreditRequestor"
                      toRoleTypeRef="tns:CreditResponder"/>
                <exchange name="dummy" action="request">
                     <send></send>
                       <receive recordReference="replenishRecord"/>
                </exchange>                
                <record name="replenishRecord" when="before">

                       <source expression="released"/>
                       <target variable="CreditExtended"/>
                </record>
             </interaction>
        </workunit>
   </finalizerBlock>

</choreography>        

6.1 Ordering Structures

Ordering structures combine activities with other ordering structures in a nested structure to express the ordering rules of actions performed within a choreography. An ordering structure is one of the following:

• sequence

• parallel

• choice

<sequence>
    Activity-Notation+
</sequence>

<parallel>
    Activity-Notation+
</parallel>

<choice>
    Activity-Notation+
</choice>

<choice>
  <interaction name=""processGoodCredit"
       channelVariable="goodCredit-channel" operation="doCredit">
      ...
  </interaction>

  <interaction name=""processBadCredit"
       channelVariable="badCredit-channel" operation="doBadCredit">
      ...
  </interaction>

<choice>

6.2 Interacting

An interaction is the basic building block of a choreography. It results in information exchanged between collaborating participants and possibly the synchronization of their observable information changes and the values of the exchanged information.

An interaction forms the base atom of the choreography composition. Multiple interactions are combined to form a choreography, which can then be used in different business contexts.

An interaction is initiated when one of the roleTypes participating in the interaction sends a message through a common channel to another roleType that is participating in the interaction. If the initial message is a request, then the accepting roleType can optionally respond with a normal response message or a fault message, which will be received by the initiating roleType.

An interaction also contains "references" to:

• The channel capturing variable that describes where and how the message is to be sent to and received into the accepting roleType

• The operation that specifies what the recipient of the message should do with the message when it is received

• The 'from' roleType and 'to' roleType that are involved

• The informationType or channelType that is being exchanged

• The information exchange capturing variables at the 'from' roleType and 'to' roleType that are the source and destination for the message content

• A list of potential state capturing variable recordings that capture observable information changes that can occur as a result of carrying out the interaction

<interaction  name="NCName"
              channelVariable="QName"
              operation="NCName"
              align="true"|"false"? >

   <participate  relationshipType="QName"
                 fromRoleTypeRef="QName" toRoleTypeRef="QName" />

   <exchange  name="NCName"
              faultName="QName"?
              informationType="QName"?|channelType="QName"?
              action="request"|"respond" >
     <send      variable="XPath-expression"? 
                recordReference="list of NCName"?   
                causeException="QName"? />
     <receive   variable="XPath-expression"? 
                recordReference="list of NCName"? 
                causeException="QName"? />

   </exchange>*

   <timeout  time-to-complete="XPath-expression"
             fromRoleTypeRecordRef="list of NCName"?
             toRoleTypeRecordRef="list of NCName"? />?

   <record  name="NCName"
            when="before"|"after"|"timeout"
            causeException="QName"? >
     <source  variable="XPath-expression"? | expression="XPath-expression"? />
     <target  variable="XPath-expression" />
   </record>*
</interaction>

<?xml version="1.0" encoding="UTF-8"?>
<package xmlns="http://www.w3.org/2005/10/cdl"
     xmlns:cdl="http://www.w3.org/2005/10/cdl"
     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
     xmlns:xsd="http://www.w3.org/2001/XMLSchema"
     xmlns:rns="http://www.example.com/ConsumerRetailerChoreographyIFsample"
     xmlns:tns="http://www.example.com/ConsumerRetailerChoreographysample"
     targetNamespace="http://www.example.com/ConsumerRetailerChoreographysample"
     name="ConsumerRetailerChoreography"
     version="1.0">
 
  <informationType name="purchaseOrderType" type="tns:PurchaseOrderMsg"/>
  <informationType name="purchaseOrderAckType" type="tns:PurchaseOrderAckMsg"/>
  <informationType name="badPOAckType"  type="xsd:QName" />
  <informationType name="uriType"  type="xsd:string" />

  <informationType name="intType"  type="xsd:integer" />
 
  <token name="purchaseOrderID" informationType="tns:intType"/>
  <token name="retailerRef" informationType="tns:uriType"/>
  <token name="consumerRef" informationType="tns:uriType"/>
  <tokenLocator tokenName="tns:purchaseOrderID"
                informationType="tns:purchaseOrderType" query="/PO/orderId"/>
  <tokenLocator tokenName="tns:purchaseOrderID"
                informationType="tns:purchaseOrderAckType" query="/PO/orderId"/>

  <roleType name="Consumer">
    <behavior name="consumerForRetailer" interface="rns:ConsumerRetailerPT"/>
    <behavior name="consumerForWarehouse" interface="rns:ConsumerWarehousePT"/>
  </roleType>
  <roleType name="Retailer">
    <behavior name="retailerForConsumer" interface="rns:RetailerConsumerPT"/>

  </roleType>

  <relationshipType name="ConsumerRetailerRelationship">
    <roleType typeRef="tns:Consumer" behavior="consumerForRetailer"/>
    <roleType typeRef="tns:Retailer" behavior="retailerForConsumer"/>
  </relationshipType>

  <channelType name="ConsumerChannel">
    <roleType typeRef="tns:Consumer"/>
    <reference>
      <token name="tns:consumerRef"/>
    </reference>
    <identity>

      <token name="tns:purchaseOrderID"/>
    </identity>
  </channelType>
  <channelType name="RetailerChannel">
    <passing channel="ConsumerChannel" action="request" />
    <roleType typeRef="tns:Retailer" behavior="retailerForConsumer"/>

    <reference>
      <token name="tns:retailerRef"/>
    </reference>
    <identity>
      <token name="tns:purchaseOrderID"/>
    </identity>

  </channelType>
 
  <choreography name="ConsumerRetailerChoreography">
    <relationship type="tns:ConsumerRetailerRelationship"/>
    <variableDefinitions>
      <variable name="purchaseOrder" informationType="tns:purchaseOrderType" 
                silent="false" />
      <variable name="purchaseOrderAck" 
                informationType="tns:purchaseOrderAckType" />

      <variable name="retailer-channel" channelType="tns:RetailerChannel"/>
      <variable name="consumer-channel" channelType="tns:ConsumerChannel"/>
      <variable name="badPurchaseOrderAck"   
                informationType="tns:badPOAckType" />
    </variableDefinitions>
 
    <interaction name="createPO"
                 channelVariable="tns:retailer-channel" 
                 operation="handlePurchaseOrder" >
      <participate relationshipType="tns:ConsumerRetailerRelationship" 
                   fromRoleTypeRef="tns:Consumer" toRoleTypeRef="tns:Retailer"/>

      <exchange name="request" 
                informationType="tns:purchaseOrderType" action="request">
        <send variable="cdl:getVariable('tns:purchaseOrder','','')" />
        <receive variable="cdl:getVariable('tns:purchaseOrder','','')"
                 recordReference="record-the-channel-info" />
      </exchange>
      <exchange name="response"
                informationType="purchaseOrderAckType" action="respond">
        <send variable="cdl:getVariable('tns:purchaseOrderAck','','')" />

        <receive variable="cdl:getVariable('tns:purchaseOrderAck','','')" />
      </exchange>
      <exchange name="badPurchaseOrderAckException" faultName="badPurchaseOrderAckException"
                informationType="badPOAckType" action="respond">
        <send variable="cdl:getVariable('tns:badPurchaseOrderAck','','')"
                causeException="tns:badPOAck" />
        <receive variable="cdl:getVariable('tns:badPurchaseOrderAck','','')"
                causeException="tns:badPOAck" />                 
      </exchange>

      <record name="record-the-channel-info" when="after">
        <source variable="cdl:getVariable('tns:purchaseOrder','', 
                                          '/PO/CustomerRef')"/>
        <target variable="cdl:getVariable('tns:consumer-channel','','')"/>
      </record>
    </interaction>
 </choreography>    

</package>

6.3 Composing Choreographies

The perform activity realizes the composition of choreographies by combining existing choreographies to create new ones. For example, if two separate choreographies were defined as follows:

• A "Request for Quote" ("RFQ") choreography that involves a "Buyer" roleType sending a request for a quotation for goods and services to a "Supplier" roleType to which the "Supplier" roleType responds with either a "Quotation" or a "Decline to Quote" message, and

• An "Order Placement" choreography, where the "Buyer" roleType places an order for goods or services and the "Supplier" roleType either accepts the order or rejects it

One could then create a new "Quote and Order" choreography by reusing the two, where the "RFQ" choreography was performed first, and then, depending on the outcome of the "RFQ" choreography, the order is placed using the "Order Placement" choreography. In this case the new choreography is "composed" using the two previously defined choreographies. Using this approach, choreographies can be combined to support choreographies of any required complexity, allowing more flexibility as choreographies defined elsewhere can be reused.

The perform activity enables a choreography to specify that another choreography is performed at this point in its definition, as an enclosed choreography. The performed choreography, even when defined in a different choreography package, is conceptually treated as an enclosed choreography.

The syntax of the perform construct is:

<perform  choreographyName="QName" 
          choreographyInstanceId="XPath-expression"? 
          block="true|false"? >
   <bind  name="NCName">
     <this variable="XPath-expression" roleType="QName"/>
     <free variable="XPath-expression" roleType="QName"/>
   </bind>*
   Choreography-Notation?
</perform>

Within the perform element, the choreographyName attribute references the name of the choreography to be performed.

The OPTIONAL choreographyInstanceId attribute defines an identifier for this performance of the choreography identified by the choreographyName attribute. If the performed choreography can only be performed once within the enclosing choreography, the choreographyInstanceId attribute is OPTIONAL. Otherwise it MUST be specified and the value MUST be different for each performance. This is a dynamic requirement. For example, if a single perform element appears in a workunit that can repeat, then each use of perform must assign a different choreographyInstanceId identifier.

The OPTIONAL block attribute is used to indicate whether the performing choreography should wait for the performed choreography to complete before the perform activity completes:

If the block attribute is set to "true", then the perform activity MUST wait for the performed choreography to complete

If the block attribute is set to "false", then the perform activity MUST complete immediately following the enablement of the performed choreography, which may cause the performed choreography to be active concurrently with other activities following the perform activity

The default value for the block attribute is "true". For the purpose of clarity, any non-blocking performed enclosed choreographies that have not completed prior to the end of the performing choreography, are considered to be successfully completed upon the completion of the performing choreography.

The OPTIONAL Choreography-Notation within the perform element defines a locally defined choreography that is performed only by this perform activity. If specified, the choreographyName attribute within the perform element MUST match the attribute name within the choreography element of the Choreography-Notation.

The OPTIONAL bind element within the perform element enables information in the performing choreography to be shared with the performed choreography and vice versa. Within the bind element, the attribute name is used to specify a name for each bind element declared within this perform activity. Within the bind element, the roleType attribute aliases the roleTypes from the performing choreography to the performed choreography.

The variable attribute within the this element specifies that a variable in the performing choreography is bound with the variable identified by the variable attribute within the free element in the performed choreography.

The following rules apply:

• The choreography to be performed MUST be either a locally defined choreography that is immediately contained within the performing choreography or a globally defined choreography. Performed choreographies that are declared in a different choreography package MUST be included first before they can be performed

• The roleTypes within a single bind element MUST be carried out by the same participant, hence they MUST belong to the same participantType

• The variable attribute within this element and free element MUST define only the WS-CDL function getVariable, but MUST NOT use the part name or xpath query parameters.

• The free variables specified within the free element MUST have the attribute free set to "true" in their definition within the performed choreography

• The variable attribute within this element and free element MUST reference a variable of the same type.

The example below shows a choreography composition, where a choreography "PurchaseChoreography" is performing the globally defined choreography "RetailerWarehouseChoreography" and aliases the variable "purchaseOrderAtRetailer" to the variable "purchaseOrder" defined at the performed choreography "RetailerWarehouseChoreography". Once aliased, the variable "purchaseOrderAtRetailer" extends to the enclosed choreography and thus these variables can be used interchangeably for sharing their information.

<choreography name="PurchaseChoreography">
   ...
   <variableDefinitions>
      <variable name="purchaseOrderAtRetailer"
             informationType="purchaseOrder" roleTypes="tns:Retailer"/>
   </variableDefinitions>

   ...
   <perform choreographyName="RetailerWarehouseChoreography">
      <bind name="aliasRetailer">
        <this variable="cdl:getVariable('tns:purchaseOrderAtRetailer','','')"
             roleType="tns:Retailer"/>
        <free variable="cdl:getVariable('tns:purchaseOrder','','')"
             roleType="tns:Retailer"/>
      </bind>
   </perform>

    ...
</choreography>

<choreography name="RetailerWarehouseChoreography">
    <variableDefinitions>
       <variable name="purchaseOrder"
          informationType="purchaseOrder" roleTypes="tns:Retailer" free="true"/>
    </variableDefinitions>
     ...

</choreography>

6.4 Assigning Variables

The Assign activity is used to create or change, and then make available within one roleType, the value of one or more variables using the value of another variable or expression.

The assign activity MAY also be used to cause an exception at a roleType.

The syntax of the assign construct is:

<assign  roleType="QName">
   <copy  name="NCName" causeException="QName"? >
      <source  variable="XPath-expression"?|expression="XPath-expression"? />
      <target  variable="XPath-expression" />

   </copy>+
</assign>

The copy element within the assign element creates or changes, at the roleType specified by the roleType attribute, the variable defined by the target element using the variable or expression defined by the source element at the same roleType. Within the copy element, the attribute name is used to specify a name for each copy element declared within this assign activity.

The following rules apply to assignment:

• The source MUST define either a variable attribute or an expression attribute

  • When the source defines an expression attribute, it MUST contain an expression, as defined in Section 5.3. The resulting type of the defined expression MUST be compatible with the target variable type
  • When the source defines a variable, then the source and the target variable MUST be of compatible type
  • When the source defines a variable, then the source and the target variable MUST be defined at the same roleType

• When the attribute variable is defined it MUST use only the WS-CDL function getVariable

• The target variable MUST NOT be defined with the attribute silent set to "true"

• When two or more copy elements belong to the same assign element, then they are performed in the order in which they are defined

• If there are two or more copy elements specified within an assign, then all copy operations MUST complete successfully for the assign to complete successfully. Otherwise, none of the variables specified in the target attribute will be affected

• At most one copy element MAY have the OPTIONAL attribute causeException specified

• When the attribute causeException is specified in a copy element, then an exception SHOULD be caused at the roleType specified by the attribute roleType after the assign activity has completed. In this case, the "QName" value of the causeException attribute will identify the exception that SHOULD be caused

The examples below show some possible usages of the assign construct.

Example 1:

<assign roleType="tns:Retailer">
  <copy name="copyAddressInfo">
    <source variable="cdl:getVariable('PurchaseOrderMsg','',
                                      '/PO/CustomerAddress')" />

    <target variable="cdl:getVariable('CustomerAddress','','')" />
  </copy>
</assign>

Example 2:

<assign roleType="tns:Retailer">

  <copy name="copyPriceInfo">
    <source expression="(10+237)/34" />
    <target variable="cdl:getVariable('ProductPrice','','','tns:Retailer')" />
  </copy>
</assign>

Example 3:

<assign roleType="tns:Customer">
  <copy name="copyLiteral">
    <source expression="'Hello World'" />
    <target variable="cdl:getVariable('VarName','','','tns:Customer')" />
  </copy>

</assign>

6.5 Marking Silent Actions

The silentAction activity is an explicit designator used for marking the point where participant specific actions with non-observable operational details MUST be performed. For example, the mechanism a "Buyer" is using for checking the inventory of a warehouse should not be observable to other participants, but the fact that the inventory level does influence the global observable behavior with a "Buyer" needs to be specified in the choreography definition.

The syntax of the silentAction construct is:

<silentAction name="NCName"? roleType="QName"? />

The name attribute is used to specify a name for each silent action declared within a choreography. Regardless of the roletype, there is no implication that the behavior of the silent action will be the same. In all cases, a silent action's behavior is undefined.

The OPTIONAL attribute roleType is used to specify the participant at which the silentAction will be performed. If a silent action is defined without a roleType, it is implied that the action is performed at all the roleTypes that are part of the relationships of the choreography this activity is enclosed within.

6.6 Marking the Absence of Actions

The noAction activity is an explicit designator used for marking the point where a participant does not perform any action. The noAction activity can be used in scenarios where an activity is syntactically required but no activity is applicable, in an exceptionBlock as demonstrated in the example below.

   <exceptionBlock name="handleTimeoutException">

     <workunit  name="handleTimeoutException" >
                <noAction>
     </workunit>
  </exceptionBlock>

The syntax of the noAction construct is:

<noAction roleType="QName? />

The OPTIONAL attribute roleType is used to specify the participant at which no action will be performed. If a noAction is defined without a roleType, it is implied that no action will be performed at any of the roleTypes that are part of the relationships of the choreography this activity is enclosed within.

6.7 Finalizing a Choreography

The finalize activity is used to enable a specific finalizerBlock in successfully completed instances of immediately enclosed choreographies, and thus bring those choreographies to defined conclusions.

A choreography that does not perform any choreographies that have finalizerBlocks defined MUST NOT have any finalize activities specified within it. A finalize activity MAY be present within a choreography that has performed a choreography with one or more defined finalizerBlocks - that is a finalize activity can be specified within the choreography body, within an exceptionBlock and within finalizerBlocks.

For a single performed choreography instance, at most one of its finalizerBlocks SHOULD be enabled by a finalize activity during the subsequent progress, including exception handling and finalization, of the enclosing choreography. A finalize activity performed on uninstalled finalizerBlocks will have no effect.

The syntax of the finalize construct is:

<finalize  name="NCName"? choreographyName="NCName"
            choreographyInstanceId="XPath-expression"?
            finalizerName="NCName"? />

The OPTIONAL attribute name is used to specify a distinct name for each finalize element declared within a choreography package.

The finalize activity enables a finalizerBlock in a performed instance of an immediately enclosed choreography.

The choreographyName attribute identifies the choreography referenced by the choreographyName attribute of the perform construct.

The OPTIONAL choreographyInstanceId attribute identifies the performed choreography instance to be finalized, using the value defined by the choreographyInstanceId attribute of the perform construct. The choreographyInstanceId attribute MAY be omitted if the contract logic of the performing choreography is such that only one instance of the choreography identified by the choreographyName attribute could have been performed when the finalize activity is enabled. If more than one instance of the choreography identified by the choregraphyName attribute could have been performed, then the choreographyInstanceId attribute MUST be present.

The attribute finalizerName indicates which finalizerBlock is to be enabled in the performed instance. If the targeted, immediately enclosed, choreography has more than one defined finalizerBlock, then the finalizerName attribute MUST be present.

In the example below, choreography "CreditDecider" gets credit authorizations for two bidders, "A" and "B", at most one of which can be selected. The "CreditDecider" performs a "CoordinatedCreditAuthorization" choreography for each bidder, and then finalizes each performed choreography depending on whether "A", "B" or neither was selected.

<choreography name="CreditDecider">
 
    <!-- only a snippet is shown here -->

    <parallel>
        <perform name="creditForA"
            choreographyName="CoordinatedCreditAuthorization" 
            choreographyInstanceId="'creditForA'">
            <!-- bind such that this does the business for A -->
        </perform>
        <perform name="creditForB"
            choreographyName="CoordinatedCreditAuthorization" 
            choreographyInstanceId="'creditForB'">
            <!-- bind such that this does the business for B -->

        </perform>
    </parallel>
        
    <!--  other stuff here -->
    
    <workunit name="chooseA"
        guard="cdl:getVariable('Chosen','','','Broker')='A'" >
        <finalize choreographyName="CoordinatedCreditAuthorization"
                choreographyInstanceId="'creditForA'"
                finalizerName="drawDown"/>
        <finalize choreographyName="CoordinatedCreditAuthorization"
                choreographyInstanceId="'creditForB'"
                finalizerName="replenish"/>

    </workunit>            

    <workunit name="chooseB"
        guard="cdl:getVariable('Chosen','','','Broker')='B'" >
        <finalize choreographyName="CoordinatedCreditAuthorization"
                choreographyInstanceId="'creditForB'"
                finalizerName="drawDown"/>
        <finalize choreographyName="CoordinatedCreditAuthorization"
                choreographyInstanceId="'creditForA'"
                finalizerName="replenish"/>
    </workunit>            

    <workunit name="chooseNeither"
        guard="cdl:getVariable('Chosen','','','Broker')='0'" >
        <finalize choreographyName="CoordinatedCreditAuthorization"
                choreographyInstanceId="'creditForA'"
                finalizerName="replenish"/>

        <finalize choreographyName="CoordinatedCreditAuthorization"
                choreographyInstanceId="'creditForB'"
                finalizerName="replenish"/>
     </workunit> 


</choreography>

7.1 Interoperability with Security frameworks

Security specifications, such as WS-Security [WSS], provide enhancements to SOAP messaging to provide quality of protection through message integrity, message confidentiality, and single message authentication, including a general-purpose mechanism for associating security tokens with messages, and a description of how to encode binary security tokens.

As messages can have consequences in the real world, collaboration participants will impose security requirements on their information exchanges. WS-Security and other security specifications can be used satisfy many of these requirements.

A violation of any of the security consistency guarantees provided by the security specifications results in "errors" which MAY be reflected in the choreography as exceptions, identified by different "QNames".

7.2 Interoperability with Reliable Messaging frameworks

Reliability specifications, such as WS-Reliability [WSRM] and WS-ReliableMessaging [WSRM], provide a reliable mechanism to exchange information among collaborating participants. These specifications prescribe the formats for all information exchanged without placing any restrictions on the content of the encapsulated business documents. These specifications support message exchange patterns over various transport protocols (examples are HTTP/S, FTP, SMTP, etc.). These specifications support sequencing of messages and guaranteed, exactly once delivery.

A violation of any of these consistency guarantees results in "errors" which MAY be reflected in the choreography as exceptions, identified by different "QNames".

7.3 Interoperability with Coordination frameworks

In WS-CDL, alignment interactions and coordinated choreographies require support from a coordination protocol, where agreement on the outcome among participants can be reached even in the case of failures and loss of messages. In this case, the alignment interactions and the coordinated choreographies MUST be bound to a coordination protocol.

7.4 Interoperability with Addressing frameworks

Web Services Addressing [WSAD] provides transport-neutral mechanisms to address Web services and messages. Web Services Addressing 1.0 - Core defines a set of abstract properties and an XML Infoset [XML], [XMLNS] representation thereof to identify Web service endpoints and to facilitate end-to-end identification of endpoints in messages. The specification enables messaging systems to support message transmission through networks that include processing nodes such as endpoint managers, firewalls, and gateways in a transport-neutral manner.

WS-Addressing can be used to convey the reference and correlation information for normalizing expanded channel variable information into a uniform format that can be processed independently of transport or application.

The WS-Addressing specification is in progress and the WS-Choreography Working Group will review and comment on developments of this effort on an ongoing basis.

8.1 Conforming WS-CDL documents

A WS-CDL document conforms to the schema in Appendix B (Section 12) plus the additional syntactic and semantic constraints defined in the specification text in sections 2 through 6. The root element MUST be <package> and it MUST belong to the WS-CDL namespace.

8.2 Endpoint conformance

A conformant WS-CDL endpoint is an entity that correctly implements the observable behavior of a roleType defined within a WS-CDL choreography.

10.1 Normative References

RFC 3023

XML Media Types, M. Murata, S. St.Laurent and D. Kohn, Editors. IETF, January 2001. This RFC is available at http://www.ietf.org/rfc/rfc3023.txt.

RFC 2119

Key words for use in RFCs to Indicate Requirement Levels, S. Bradner, Editor. IETF, March 1997. This RFC is available at http://www.ietf.org/rfc/rfc2119.txt.

RFC 3986

Uniform Resource Identifiers (URI): Generic Syntax, T. Berners-Lee, R. Fielding and L. Masinter, Editors. IETF, January 2005. Obsoletes: RFC 2396, RFC 2732. This RFC is available at http://www.ietf.org/rfc/rfc3986.txt.

Extensible Markup Language (XML) 1.0 (Third Edition)

Extensible Markup Language (XML) 1.0 (Third Edition), Jean Paoli, Eve Maler, Tim Bray, et. al., Editors. World Wide Web Consortium, 04 February 2004. This version is http://www.w3.org/TR/2004/REC-xml-20040204. The latest version is available at http://www.w3.org/TR/REC-xml.

Extensible Markup Language (XML) 1.1

Extensible Markup Language (XML) 1.1, François Yergeau, John Cowan, Tim Bray, et. al., Editors. World Wide Web Consortium, 04 February 2004. This version is http://www.w3.org/TR/2004/REC-xml11-20040204/. The latest version is available at http://www.w3.org/TR/xml11/.

Namespaces in XML

Namespaces in XML, Andrew Layman, Dave Hollander, and Tim Bray, Editors. World Wide Web Consortium, 14 January 1999. This version is http://www.w3.org/TR/1999/REC-xml-names-19990114. The latest version is available at http://www.w3.org/TR/REC-xml-names.

XML Schema Part 1: Structures Second Edition

XML Schema Part 1: Structures Second Edition, David Beech, Murray Maloney, Henry S. Thompson, and Noah Mendelsohn, Editors. World Wide Web Consortium, 28 October 2004. This version is http://www.w3.org/TR/2004/REC-xmlschema-1-20041028/. The latest version is available at http://www.w3.org/TR/xmlschema-1/.

XML Schema Part 2: Datatypes Second Edition

XML Schema Part 2: Datatypes Second Edition, Ashok Malhotra and Paul V. Biron, Editors. World Wide Web Consortium, 28 October 2004. This version is http://www.w3.org/TR/2004/REC-xmlschema-2-20041028/. The latest version is available at http://www.w3.org/TR/xmlschema-2/.

XPointer Framework

XPointer Framework, Paul Grosso, Eve Maler, Jonathan Marsh, and Norman Walsh, Editors. World Wide Web Consortium, 25 March 2003. This version is http://www.w3.org/TR/2003/REC-xptr-framework-20030325/. The latest version is available at http://www.w3.org/TR/xptr-framework/.

XML Inclusions (XInclude) Version 1.0

XML Inclusions (XInclude) Version 1.0, Jonathan Marsh and David Orchard, Editors. World Wide Web Consortium, 20 December 2004. This version is http://www.w3.org/TR/2004/REC-xinclude-20041220/. The latest version is available at http://www.w3.org/TR/xinclude/.

Web Services Description Language (WSDL) Version 2.0 Part 1: Core Language

Web Services Description Language (WSDL) Version 2.0 Part 1: Core Language, Sanjiva Weerawarana, Roberto Chinnici, Martin Gudgin, et. al., Editors. World Wide Web Consortium, 03 August 2005. This version is http://www.w3.org/TR/2005/WD-wsdl20-20050803. The latest version is available at http://www.w3.org/TR/wsdl20.

Basic Profile

Basic Profile Version 1.1, Keith Ballinger, David Ehnebuske, Christopher Ferris et. al., Editors. The Web Services-Interoperability Organization, 24 September 2004. This version is http://www.ws-i.org/Profiles/BasicProfile-1.1-2004-08-24.html. The latest version is available at http://www.ws-i.org/Profiles/BasicProfile-1.1.html.

10.2 Informative References

SOAP Version 1.2 Part 1: Messaging Framework

SOAP Version 1.2 Part 1: Messaging Framework, Marc Hadley, Noah Mendelsohn, Jean-Jacques Moreau, et. al., Editors. World Wide Web Consortium, 24 June 2003. This version is http://www.w3.org/TR/2003/REC-soap12-part1-20030624/. The latest version is available at http://www.w3.org/TR/soap12-part1/.

Processing XML 1.1 documents with XML Schema 1.0 processors

Processing XML 1.1 documents with XML Schema 1.0 processors, Henry S. Thompson , Editor. World Wide Web Consortium, 11 May 2005. This version is http://www.w3.org/TR/2005/NOTE-xml11schema10-20050511/. The latest version is available at http://www.w3.org/TR/xml11schema10.

UDDI v3

UDDI Version 3.0.2, Luc Clement, Andrew Hately, Claus von Riegen, Tony Rogers, Editors. OASIS Open, 19 October 2004. This version is http://uddi.org/pubs/uddi-v3.0.2-20041019.htm. The latest version is available at http://uddi.org/pubs/uddi_v3.htm

Web Service Choreography Interface (WSCI) 1.0

Web Service Choreography Interface (WSCI) 1.0, Assaf Arkin, Sid Askary, Scott Fordin, et. al., Editors. W3C Note. This version is http://www.w3.org/TR/2002/NOTE-wsci-20020808. The latest version is available at http://www.w3.org/TR/wsci.

XLANG

XLANG, Satish Thatte, Author. Microsoft Corporation, 2001. This document is available at http://www.gotdotnet.com/team/xml_wsspecs/xlang-c/default.htm.

WSFL 1.0

Web Services Flow Language (WSFL) Version 1.0, Frank Leymann, Editor. IBM, May 2001. This PDF document is available at http://www-3.ibm.com/software/solutions/webservices/pdf/WSFL.pdf.

WS-BPEL 2.0

Web Services Business Process Execution Language Version 2.0, Assaf Arkin, Sid Askary, Ben Bloch, et. al., Editors. OASIS Open, December 2004. This document is available at http://www.oasis-open.org/committees/download.php/10347/wsbpel-specification-draft-120204.htm.

BPML 1.0

Business Process Modeling Language, Assaf Arkin, Editor. BPMI.org, November 2002. This document is available at http://www.bpmi.org/downloads/BPML1.0.zip.

WPDI XML PDL

Workflow Process Definition Interface -- XML Process Definition Language, Roberta Norin, Editor. The Workflow Management Coalition, October 2002. This pdf document is available at http://www.wfmc.org/standards/docs/TC-1025_10_xpdl_102502.pdf.

WS-CAF 1.0

OASIS Web Services Composite Application Framework (WS-CAF) TC, This TC page is available at http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=ws-caf.

WS-Reliability 1.1

WS-Reliability 1.1 , Kazunori Iwasa, Jacques Durant, Tom Rutt, et. al., Editors. OASIS Open, August 2004. This document is available at http://www.oasis-open.org/committees/download.php/9330/WS-Reliability-CD1.086.zip.

Java Language Specification

Java Language Specification , James Gosling, Bill Joy, Guy Steele, Gilad Bracha, Editors. Sun Microsystems, Inc., 2000. This document is available at http://java.sun.com/docs/books/jls/second_edition/html/j.title.doc.html.

WS-Security TC

OASIS Web Services Security (WSS) TC , This TC page is available at http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=wss.

Java 2 Entreprise Edition

Java 2 Platform, Enterprise Edition (J2EE), See http://java.sun.com/j2ee/.

C# Language Specification

C# Language Specification, ECMA.. This document is available at http://www.ecma-international.org/publications/standards/Ecma-334.htm.

Web Services Addressing - Core

Web Services Addressing - Core, Martin Gudgin, Marc Hadley, Editors. World Wide Web Consortium, 17 August 2005. This version is http://www.w3.org/TR/2005/CR-ws-addr-core-20050817. The latest version is available at http://www.w3.org/TR/ws-addr-core.

Resource Description Framework (RDF): Concepts and Abstract Syntax

Resource Description Framework (RDF): Concepts and Abstract Syntax, Graham Klyne, Jeremy J. Carroll, Editors. World Wide Web Consortium, 10 February 2004. This version is http://www.w3.org/TR/2004/REC-rdf-concepts-20040210/. The latest version is available at http://www.w3.org/TR/rdf-concepts/.

OWL Web Ontology Language Overview

OWL Web Ontology Language Overview, Deborah L. McGuinness, Frank van Harmelen, Editors. World Wide Web Consortium, 10 February 2004. This version is http://www.w3.org/TR/2004/REC-owl-features-20040210/. The latest version is available at http://www.w3.org/TR/owl-features/.

UN/CEFACT Modelling Methodology

UN/CEFACT Modelling Methodology - Introduction, United Nations Economic Commission for Europe, 10 January 2005. This document is available at http://www.unece.org/cefact/umm/ch1_intro.pdf

ebBP 2.0

OASIS ebXML Business Process TC, This TC page is available at http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=ebxml-bp.

BPSS 1.1

Business Process Specification Schema v1.01, Business Process Project Team, UN/CEFACT and OASIS, 11 May 2001. This version is http://www.ebxml.org/specs/ebBPSS.pdf.