Hi!
Cogent Logic Corporation is due to launch a generic, Axis-based RBAC system later this
month called 'Send-Encrypted, Web Service Edition'. This is a turn-key solution that
uses XACML and X.509 PKI. The cost is US$1 (yes, one dollar!)* per end-user
certificate with no additional charges whatsoever. Users can be granted access
according to the following granularity:
- Any web service on any server within the issuing realm (i.e. for servers over
which you have control)
- Any web service on specific server(s)
- Specific web service(s) on specific server(s)
- Specific method(s) within specific web service(s) on specific server(s)
Warmest regards,
Jeff Lawson
Cogent Logic Corporation
Toronto, Canada
+1 (416) 340 8025
* There is a minimum charge of $20 which gives you access control for 20 users.
There is an unlimited-use option for a named enterprise in a named country.
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Tuesday, June 10, 2003 10:24 AM
To: [EMAIL PROTECTED]
Subject: AXIS and RBAC
Dear AXIS List,
I'm working on developing an RBAC (Role Based Access Control) system to
protect our Asset Management resources. Currently, I have a
PermissionsHandler which sets the permissions necessary to perform a given
operation. This information is then set in the MessageContext and is
referenced by the AuthorizationHandler.
Now it occurs to me that it would be alot more flexible (not to mention
writing less code on my end) to specify this permission in an XML file,
which could then be referenced by a generic PermissionsHandler instead of
having a seperate PermissionsHandler for each service.
Before I head down this road, I thought I would check to see if this was
something that had been tackled already. I didn't see anything in either
the WSDD schema or the WSDL specification, but it's possible I could have
missed something.
Thanx,
Ian
Ian D. Stewart
Open Systems Engineer II
Enterprise Midrange - Bank One Infrastructure & Operations
[EMAIL PROTECTED]
(614) 213-6100
This transmission may contain information that is privileged, confidential and/or
exempt from disclosure under applicable law. If you are not the intended recipient,
you are hereby notified that any disclosure, copying, distribution, or use of the
information contained herein (including any reliance thereon) is STRICTLY PROHIBITED.
If you received this transmission in error, please immediately contact the sender and
destroy the material in its entirety, whether in electronic or hard copy format. Thank
you.
