XACML for Authorization

standardized, attribute based, externalized, fine-grained and dynamic authorization for enterprise applications

Month – December 2011

Writing simple PIP module for WSO2 Identity Server

One of my previous post, I have discussed about the PIP implementation of the WSO2 Identity Server. Now lets try to write a simple PIP attribute finder module to plug in to the WSO2 Identity Server. There are two ways that you can write a PIP attribute finder module  By implementing the “PIPAttributeFinder” Interface. You […]

PIP Architecture with WSO2 Identity Server

WSO2 Identity Server is based on the sun xacml implementation.  Sunxacml provides an interface for plugging different PIP implementations as modules. “AttributeFinderModule” is the interface that would allow us to do this But WSO2 identity Server would not force us to use it. Because sunxacml’s interface  seems to be more complex and Carbon platform features would not […]

Understanding PIP (Policy Information Point)

According to the XACML reference architecture, PIP is the system entity that acts as a source of attribute values. Basically if there are missing attributes in the XACML request which is sent by PEP, PIP would find them for the PDP to evaluate the policy. To understand this better, lets go though sample XACML policy […]

XACML for Authorization © 2015 Frontier Theme