XACML for Authorization

standardized, attribute based, externalized, fine-grained and dynamic authorization for enterprise applications

Month – June 2012

WSO2 User Core deployment patterns with WSO2 Identity Server

This is my second blog post about user management functionality of WSO2 Carbon.  It is better, if you can go through my first blog post before you are reading this. Here we are going to talk about deployment pattern of WSO2 Identity Server’s User kernel (Or any WSO2 Carbon product) with default user realm implementations. […]

User Core concepts in WSO2 Identity Server.

In my previous blog posts. I have mainly discussed on WSO2 Identity Server as a powerful XACML engine with PDP, PAP and PIP components. In this blog post also i am going to talk about WSO2 Identity Server, But not about XACML …..  WSO2 Identity Server is not just a XACML engine. It has many […]

PEP client for WSO2 Identity Server PDP

In my previous post, I explained some important things about “EntitlementService“. According to them; when we are writing a PEP client, we need to consider about followings. 1. As HTTPS  (SSL over HTTP) is used for communication, your client (PEP)  needs to trust the EntitlementService.  Therefore WSO2 Identity Server’s SSL certificate must be in your […]

PDP PEP Communication – how WSO2 Identity Server defines

XACML specification clearly defines the externalized architecture, by separating the PDP PEP components. PDP decides authorization decisions where PEP can talk to PDP and get those decisions. Therefore it is better to have a standard way of doing PEP and PDP communication. Because in a deployment any application (PEP) could communicate with any PDP  irrespective […]

XACML for Authorization © 2015 Frontier Theme