I have submitted a pull request for my port of the Admin interface. I'll check what other changes were made and see what else I can submit.
BTW, although I had previously worked for AT&T, including working on software that interacted with AT&T's original XACML engine, I no longer work for AT&T. My interest in this project came from my desire to have a RESTful API for XACML authorization, I found this project via Google, and my contributions to this project are my own. In this regard I am a truly independent contributor. On Mon, Feb 8, 2016 at 2:42 PM, David Ash <[email protected]> wrote: > I think it hasn't seen much activity over the past two months because it's > been a holiday season. I know most of the AT&T people take most of > December off (once upon a time, I was one). > > It has a lot of work to be done before it's functional and even remotely > mature, and we're not going to see a lot of outside interest until it gets > there. > * The Admin part is crucial, and it hadn't even been ported over (I ported > it myself, still need to fork in github and do a pull-request). > * There's a shortage of documentation. To the point that it's unusable. > * It's complicated enough that its difficult to come up with the > documentation. > > Now, sure there seems to be a shortage of interest but I say give that > time. XACML is not a thing of the past, it's still part of the future. > Organizations and software developers are still slowly moving to XACML -- > it is the best authorization solution in existence to my knowledge, and > fits nicely into a modern auth stack with SCIM, JSON Identity Suite, OpenID > Connect, and OAuth. ( > http://www.slideshare.net/nordicapis/1415-twobo-nordicap-istour > ). Most developers still aren't using an external authorization solution > because they are building highly-coupled monolithic software that sucks. > And honestly, there aren't a lot of other free open source options. The > only alternative I see that is any good is WSO2's Identity Server (which is > vastly superior to this product, but hey that's an opportunity in some > ways). If this project really succeeded, it would at least allow > developers of open source systems to build better, more modular software. > > The main problem I see is that AT&T still has most of the knowledge and is > able to put very little effort behind it. We need Pam's team to write up > some high quality documentation (particularly for the API's) and release > that information. > > The other problem I see is there's kind of a lack of vision as far as I > can tell. We need someone in the lead that has the time to craft a vision > for what this product should really be. When you look at WSO2's Identity > Server, you immediately start realizing the possibilities -- things that > this project haven't even touched yet. > > > Thanks, > > David Ash > > > PS. I'll put in a pull request for my port of the Admin interface. > > > > On Mon, Feb 8, 2016 at 9:59 AM, Emmanuel Lécharny <[email protected]> > wrote: > >> Le 08/02/16 16:53, Carlos Perez a écrit : >> > Hi guys, >> > >> > While I completely understand the reasoning for the discussion to retire >> > OpenAXZ, and to be completely honest I was surprised it took this long), >> > it would be a real shame to see it just fade away into oblivion. >> >> I Agree. >> >> > >> > That said, what does happen when a project never makes it to a TLP? >> >> From Apache POV, not a lot. We just shut down the mailing lists, and >> close the repos (no more writes allowed). >> >> >> > Does >> > it have a chance to be resuscitated later if it is deemed worthwhile and >> > has more interest? >> It's always a possibility. A very remote one, I have to say. The fact >> that in almost 2 years the project hasn't be able to attract any new >> contributors, and that almost no activity has been seen from the initial >> contributors make it unlikely that the project could make a come back. >> >> In 10 years, I haven't seen that happen. Not once. >> >> >> > Does the license revert back to AT&T? >> >> Good question. I can ask [email protected] about that. The fact that it didn't >> make it to a TLP might be relevant. For TLPs, the code base has been >> granted to The ASF and remains so, same for the name. >> > >> > XACML is a complicated spec and I can¹t say that I fully understand it >> > yet, but I think it solves a real problem (I just regret not having the >> > time personally to help push it along). >> >> That's the main issue : the fcat that it's a complex code base might be >> intimidating for many of the potential users. But IMHO, would it be >> really a critical brick of many IT systems, it *would* have attracted >> developpers. That raises the question of XACML as a useful technology. >> It as been around for more than 10 years now, and I'm not sure that it >> captured a lot of interest. But that may be just me... (and I *think* it >> could have been a big hit years ago. Not so sure nowadays.) >> >> Thanks ! >> >> >
