Policy Partial Editor does not sound good. How about 'policy template editor'? On Aug 26, 2014 3:12 PM, "Rushmin Fernando" <rush...@wso2.com> wrote:
> Attached is the UI mock-up of the app create/edit screen as well as the > policy partial editor. > > Thanks > Rushmin > > > On Tue, Aug 26, 2014 at 2:03 PM, Sumedha Rubasinghe <sume...@wso2.com> > wrote: > >> Rushmin, >> Can you also send a mock UI of the resources section that we discussed? >> That will make it more clear on how Policy partials & URL templates are >> mapped. >> >> >> On Tue, Aug 26, 2014 at 1:48 PM, Rushmin Fernando <rush...@wso2.com> >> wrote: >> >>> App Manager supports both database driven simple roles based resource >>> authorization and XACML based authorization. >>> >>> After reviewing the existing XACML based solution, the following changes >>> are proposed. >>> >>> Concepts >>> ======= >>> >>> 1) Policy Partials >>> >>> 'Target' section of a XACML policy in App Manager can be auto generated, >>> since the use defines the URL pattern and the action (HTTP verb) for the >>> resources to be restricted. So only the 'rules' are the dynamic parts. >>> >>> So in this proposal, users are able to save the conditions of the rules >>> (or may be the rules) against the app. These are called policy partials. >>> >>> 2) Applying policy partials to URL templates >>> >>> In App Manager publisher there is UI to add url patterns which should be >>> applied throttling, role restrictions etc.. There will be option for the >>> user to apply one or more policy partials which are defined in step 1, to >>> these URL templates. >>> >>> 3) Policy generation >>> >>> Actual XACML policies will be generated, taking the policy template, >>> applied policy partials and URL template info. There generate policies will >>> be persistent and published via identity admin services. >>> >>> Please see the attached illustration for more details. >>> >>> >>> >>> >>> -- >>> *Rushmin Fernando* >>> *Technical Lead* >>> >>> WSO2 Inc. <http://wso2.com/> - Lean . Enterprise . Middleware >>> >>> email : rush...@wso2.com >>> mobile : +94772310855 >>> >>> >>> >> >> >> -- >> /sumedha >> b : bit.ly/sumedha >> > > > > -- > *Rushmin Fernando* > *Technical Lead* > > WSO2 Inc. <http://wso2.com/> - Lean . Enterprise . Middleware > > email : rush...@wso2.com > mobile : +94772310855 > > >
_______________________________________________ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
