Attached is the UI mock-up of the app create/edit screen as well as the policy partial editor.
Thanks Rushmin On Tue, Aug 26, 2014 at 2:03 PM, Sumedha Rubasinghe <sume...@wso2.com> wrote: > Rushmin, > Can you also send a mock UI of the resources section that we discussed? > That will make it more clear on how Policy partials & URL templates are > mapped. > > > On Tue, Aug 26, 2014 at 1:48 PM, Rushmin Fernando <rush...@wso2.com> > wrote: > >> App Manager supports both database driven simple roles based resource >> authorization and XACML based authorization. >> >> After reviewing the existing XACML based solution, the following changes >> are proposed. >> >> Concepts >> ======= >> >> 1) Policy Partials >> >> 'Target' section of a XACML policy in App Manager can be auto generated, >> since the use defines the URL pattern and the action (HTTP verb) for the >> resources to be restricted. So only the 'rules' are the dynamic parts. >> >> So in this proposal, users are able to save the conditions of the rules >> (or may be the rules) against the app. These are called policy partials. >> >> 2) Applying policy partials to URL templates >> >> In App Manager publisher there is UI to add url patterns which should be >> applied throttling, role restrictions etc.. There will be option for the >> user to apply one or more policy partials which are defined in step 1, to >> these URL templates. >> >> 3) Policy generation >> >> Actual XACML policies will be generated, taking the policy template, >> applied policy partials and URL template info. There generate policies will >> be persistent and published via identity admin services. >> >> Please see the attached illustration for more details. >> >> >> >> >> -- >> *Rushmin Fernando* >> *Technical Lead* >> >> WSO2 Inc. <http://wso2.com/> - Lean . Enterprise . Middleware >> >> email : rush...@wso2.com >> mobile : +94772310855 >> >> >> > > > -- > /sumedha > b : bit.ly/sumedha > -- *Rushmin Fernando* *Technical Lead* WSO2 Inc. <http://wso2.com/> - Lean . Enterprise . Middleware email : rush...@wso2.com mobile : +94772310855
xacml_resource_authorization_ui_mockup.pdf
Description: Adobe PDF document
_______________________________________________ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture