Hi Rushmin, So what you basically want is a XACML policy which becomes applicable based on a policy ID? or do you want to reuse 'conditions' generated by the user by say giving them a referenceID or something?
I think both of which is possible in XACML 3.0. Can you elaborate more on the condition 'part' you have mentioned above? On Sat, Mar 21, 2015 at 1:16 PM, Rushmin Fernando <[email protected]> wrote: > Hi IS Team, > > In App Manager we have the following requirement. > > 1) App creator need to associate authorization rules for URL pattern + > HTTP verb combinations > > 2) They are given a UI to add a URL pattern, select an HTTP verb and then > apply an authorization rule. > > 3) App Manager uses XACML for these authorization rules. > > 4) Since the 'resource' and 'action' parts of the XACML policy is > determined the aforementioned UI inputs, user is only allowed to write the > 'condition' part. And the actual XACML policy is generated using these > parts. > > 5) But the thing is, we need to re-use these 'conditions'. We do it in App > Manager level. But we end up with generating XACML policies for 'resource' > + 'action' combinations. > > Is there a way that we can have a single XACML policy which only has the > condition 'part' and evaluate the XACML request using that specific policy > (by giving the policy ID ) ? > > -- > *Rushmin Fernando* > *Technical Lead* > > WSO2 Inc. <http://wso2.com/> - Lean . Enterprise . Middleware > > email : [email protected] > mobile : +94772310855 > > > > _______________________________________________ > Dev mailing list > [email protected] > http://wso2.org/cgi-bin/mailman/listinfo/dev > > -- *Farasath Ahamed* Software Engineering Intern WSO2 Inc.; http://wso2.com Mobile: +94 777 603 866 E-Mail: farasath <http://goog_1999535192>[email protected] Blog: http://thepseudocode.blogspot.com/
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
