Category: XACML

Multiple decision profile – Hierarchical resources

In my previous post, we went though defining XACML policies for web application. Now i am going to try out the scenario, that is defined there with second approach. i.e. Multiple decision profile  with hierarchical resource profile.  Here i am using Identity Server which is an open source XACML engine that supports XACML 3.0, multiple […]

XACML based Access Control for Web Applications

XACML is the standard for access control in the SOA. But it seems to be that it is still not much widely adopted within the enterprises yet. I guess, mostly people may not have an idea about the capability of the XACML… It just not a XML based policy language… It has lot of extensibility […]

XACML PIP for finding hierarchical resources

If you are working with XACML.  You surely have heard about the PIP (Policy information Point). PIPs help to PDP by finding things that are needed for policy evaluation. PIPs are mostly extension points that can be implemented and plugged with PDP according to the your use case. Identity Server supports several PIP extension points. […]

XPath in XACML – Part 1

XPath is playing an import role in XACML when policies are evaluated for XML based data. When XML data is passed across nodes, PEP can be an interception point that calls the PDP with passing XML data. Based on the XML data, PDP can take decisions.  Let see how we can develop simple policy that […]

XACML PDP Performance Testing

Long time ago, i tied to discuss on measuring XACML PDP performance.  As i mentioned earlier,  it was little bit tricky task to define a proper test suit for XACML performance testing.  But however, I have done some performance  testing with WSO2 Identity Server, which is an open source XACML engine based on Balana. Using […]