Hi Nirubikka, With this handler implementation, Are you planing to implement the UI for configuring policy as we have for xacml in [1] as well? What is the IS version we are planing add this?
[1] https://docs.wso2.com/display/IS570/Creating+a+XACML+Policy Thanks shammi On Wed, May 15, 2019 at 10:50 PM Nilasini Thirunavukkarasu < [email protected]> wrote: > Hi, > > After analyzing online resources[1][2] and offline discussion with @Maduranga > Siriwardena <[email protected]> could able to get the answers for the > questions I have asked. > > - OPA is flexible, easy to use and maintainable so people tend to use OPA > to write and make decisions hence we need to provide the capability to > use OPA if someone needs. > - At the same time, some people still will be using XACML hence we > will be keeping both XACML and OPA. > > [1] https://www.infoq.com/news/2019/04/open-policy-agent-cncf > [2] > https://www.openpolicyagent.org/docs/latest/comparison-to-other-systems > > Thanks, > Nila. > > > > On Wed, May 15, 2019 at 11:46 AM Nilasini Thirunavukkarasu < > [email protected]> wrote: > >> Hi Nirubikaa, >> >> On Wed, May 15, 2019 at 11:32 AM Nirubikaa Ravikumar <[email protected]> >> wrote: >> >>> Hi all, >>> >>> >>> >>> I am working on implementing an Open Policy Agent(OPA) authorization >>> handler for WSO2 Identity Server. >>> >>> >>> OPA is a lightweight general-purpose policy engine. Policies in OPA are >>> written in a high-level declarative language. You can find more information >>> about OPA from [1]. >>> >>> >>> The main Idea of this Authorization handler is to authorize a user based >>> on the policy which is stored at the OPA server, similar to what we already >>> do with XACML. >>> >> >> According to the shared diagram, AFAIU OPA server will evaluate the >> policy and sends the decision to IS. But we already have a XACML engine to >> do the same job. In that case, could you please explain more on what is the >> specific reason for implementing an OPA even though we already have XACML >> engine to evaluate the policies?. Once we implement the OPA are we planning >> to deprecate XAML engine? >> >> Thanks, >> Nila. >> >> >>> [1] https://www.openpolicyagent.org/docs/latest >>> >>> >>> >>> Please find the flow Diagram attached to this email. >>> >>> >>> >>> >>> Thanks, >>> >>> >>> -- >>> R.Nirubikaa >>> Software Engineering Intern | WSO2 >>> M: O779108852 >>> >>> >>> >>> -- >>> You received this message because you are subscribed to the Google >>> Groups "IAM team" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> To view this discussion on the web visit >>> https://groups.google.com/a/wso2.com/d/msgid/iam-group/CA%2BP04X9vN_8m-ZELn8wVpxK8ZdZXjsqKeGdGMozcYCcaKLnQ4A%40mail.gmail.com >>> <https://groups.google.com/a/wso2.com/d/msgid/iam-group/CA%2BP04X9vN_8m-ZELn8wVpxK8ZdZXjsqKeGdGMozcYCcaKLnQ4A%40mail.gmail.com?utm_medium=email&utm_source=footer> >>> . >>> >> >> >> -- >> Nilasini Thirunavukkarasu >> Senior Software Engineer - WSO2 >> >> Email : [email protected] >> Mobile : +94775241823 >> Web : http://wso2.com/ >> >> >> <http://wso2.com/signature> >> > > > -- > Nilasini Thirunavukkarasu > Senior Software Engineer - WSO2 > > Email : [email protected] > Mobile : +94775241823 > Web : http://wso2.com/ > > > <http://wso2.com/signature> > _______________________________________________ > Architecture mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > -- Best Regards, * Shammi Jayasinghe* *Senior Technical Lead* *WSO2, Inc.* *+1-812-391-7730* *+1-812-327-3505* *http://shammijayasinghe.blogspot.com <http://shammijayasinghe.blogspot.com>*
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
