Re: [Dev] How to send subject in a XACML request

Godwin Shrimal Thu, 02 Nov 2017 01:25:20 -0700

Thanks for the response Dinali.

On Thu, Nov 2, 2017 at 12:19 PM, Dinali Dabarera <[email protected]> wrote:


> Hi Godwin,
>
> When we are sending the Subject in a JSON payload, I figured out it should
> be "*AccessSubject*" not Subject.
>
> This is the sample request payload I changed for JSON,
>
> {
>     "Request": {
>      "AccessSubject": {
>                      "Attribute": [
>                            {
>                                   "AttributeId":
> "urn:oasis:names:tc:xacml:1.0:subject:subject-id",
>                                   "Value": "Andreas"
>                            }
>            ]
>               },
>         "Action": {
>             "Attribute": [
>                 {
>                     "AttributeId": "urn:oasis:names:tc:xacml:1.0:
> action:action-id",
>                     "Value": "read"
>                 }
>             ]
>         },
>         "Resource": {
>             "Attribute": [
>                 {
>                     "AttributeId": "urn:oasis:names:tc:xacml:1.0:
> resource:resource-id",
>                     "Value": "http://127.0.0.1/service/very_secure/";
>                 }
>             ]
>         }
>     }
> }
>
> I will update the doc with these details.
>
>
> Thanks!
>
> Dinali
>
>
>
>
> On Thu, Nov 2, 2017 at 10:13 AM, Godwin Shrimal <[email protected]> wrote:
>
>> Hi Dinali,
>>
>> XML request format is clear and I guess we have enough information
>> regarding that. I am referring to JSON format on how to send subject.
>>
>>
>> Thanks
>> Godwin
>>
>> On Tue, Oct 31, 2017 at 10:24 PM, Dinali Dabarera <[email protected]>
>> wrote:
>>
>>> Hi Godwin,
>>>
>>> As you mentioned in your offline chats, there is no mention about "how
>>> to send the subject in the XACML Request" in our Docs.
>>>
>>> I did a small research on XACML spec and figured out we could send the
>>> subject in the XACML request as follows,
>>>
>>> I changed the sample request on my blog [1] with the Subject attribute
>>> as follows
>>>
>>> Request:
>>>
>>> <Request CombinedDecision="false" ReturnPolicyIdList="false" 
>>> xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17">
>>>  <Attributes 
>>> Category="urn:oasis:names:tc:xacml:3.0:subject-category:access-subject">
>>>       <Attribute IncludeInResult="false" 
>>> AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id">
>>>          <AttributeValue 
>>> DataType="urn:oasis:names:tc:xacml:1.0:data-type:rfc822Name">[email protected]</AttributeValue>
>>>       </Attribute>
>>>    </Attributes>
>>>     <Attributes 
>>> Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action">
>>>         <Attribute 
>>> AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" 
>>> IncludeInResult="false">
>>>             <AttributeValue 
>>> DataType="http://www.w3.org/2001/XMLSchema#string";>read</AttributeValue>
>>>         </Attribute>
>>>     </Attributes>
>>>     <Attributes 
>>> Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource">
>>>         <Attribute 
>>> AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" 
>>> IncludeInResult="false">
>>>             <AttributeValue 
>>> DataType="http://www.w3.org/2001/XMLSchema#string";>http://127.0.0.1/service/very_secure/
>>>  </AttributeValue>
>>>         </Attribute>
>>>     </Attributes>
>>> </Request>
>>>
>>> I will update XACML docs with this information.
>>> Please let me know if you have any concerns on this! I hope this is what
>>> you expected.
>>>
>>> [1] https://medium.com/@gdrdabarera/how-entitlement-management-w
>>> orks-with-rest-api-via-xacml-in-wso2-identity-server-5-3-0-7a60940d040c
>>>
>>> Thank you!
>>> Dinali
>>> 
>>> -
>>> *Dinali Rosemin Dabarera*
>>> Software Engineer
>>> WSO2 Lanka (pvt) Ltd.
>>> Web: http://wso2.com/
>>> Email : [email protected]
>>> LinkedIn <https://lk.linkedin.com/in/dinalidabarera>
>>> Mobile: +94770198933 <+94%2077%20019%208933>
>>>
>>>
>>>
>>>
>>> <https://lk.linkedin.com/in/dinalidabarera>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>
>>
>> --
>> *Godwin Amila Shrimal*
>> Associate Technical Lead
>> WSO2 Inc.; http://wso2.com
>> lean.enterprise.middleware
>>
>> mobile: *+94772264165*
>> linkedin: *https://www.linkedin.com/in/godwin-amila-2ba26844/
>> <https://www.linkedin.com/in/godwin-amila-2ba26844/>*
>> twitter: https://twitter.com/godwinamila
>> <http://wso2.com/signature>
>>
>
>
>
> --
> *Dinali Rosemin Dabarera*
> Software Engineer
> WSO2 Lanka (pvt) Ltd.
> Web: http://wso2.com/
> Email : [email protected]
> LinkedIn <https://lk.linkedin.com/in/dinalidabarera>
> Mobile: +94770198933 <+94%2077%20019%208933>
>
>
>
>
> <https://lk.linkedin.com/in/dinalidabarera>
>
>
>
>
>
>
>
>
>
>
>
>
>
>


-- 
*Godwin Amila Shrimal*
Associate Technical Lead
WSO2 Inc.; http://wso2.com
lean.enterprise.middleware

mobile: *+94772264165*
linkedin: *https://www.linkedin.com/in/godwin-amila-2ba26844/
<https://www.linkedin.com/in/godwin-amila-2ba26844/>*
twitter: https://twitter.com/godwinamila
<http://wso2.com/signature>

_______________________________________________
Dev mailing list
[email protected]
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] How to send subject in a XACML request

Reply via email to