Shawn, Thanks for the reply. In my particular situation, I have to provide support for both C# and Java. So I was thinking of providing an API that would wrap all the AAA stuff behind a network interface that both Java and C# clients could use -- is this even feasible? I should point out that there will not be a web server or servlet container involved. The AAA piece would be a plain old Java application.
Thanks, Roger. From: Shawn McKinney <[email protected]> To: [email protected] Date: 02/21/2017 05:39 AM Subject: Re: Is there support for C# policy enforcement points? > On Feb 20, 2017, at 5:04 PM, [email protected] wrote: > > Is there any support for policy enforcement points in C#? If not, how > difficult would it be to create it? Welcome Roger, the short answer is ?no? there isn?t a C# interface for the RBAC system management APIs and it would be a significant effort to create one. There is a glimmer of light however, and it has to do with the OpenLDAP accelerator overlay. To learn more about it, check out a youtube video of a presentation I gave at last year?s apachecon: https://urldefense.proofpoint.com/v2/url?u=https-3A__www.youtube.com_watch-3Fv-3DMqcb-5FT8WMMM-26t-3D1822s&d=DQIFaQ&c=zVFQZQ67ypsA9mYKSCqWmQHiVkCCaN-Gb60_N6TVnLk&r=iat1tmf0Sit93_IOdRawtzLRj38d7h-hYx9EdHSfZmg&m=080DtJFSm9gxDh79hv6NRlPZDhZpo2WWAUZvCSZ5JB4&s=3_W54JPR6FBDKXGke6158qa4nBXaxYc6sPRBzFavavY&e= The existing code for the accelerator is comprised of the following: 1. OpenLDAP slapo-rbac overlay (serverside) 2. rbac accelerator java bindings (clientside) 3. rbac accelerator C bindings (clientside) This source code has not yet been released, but will be ? soon (a week or two). So, if you are willing to wait a bit, are using openldap server, can use C, and can tolerate some bugs -- you?re in luck. After watching the video you?ll understand it is much easier to create client bindings because most of the code resides on the server. The client is merely formatting the extended LDAP messages to/from the server. This means if you wanted to code your own C# bindings connecting to the rbac accelerator, it would be a much smaller task, than creating something like another fortress. Hope this helps, Shawn
