Thanks Farasath for your response. Yes, both would solve my problem.
So you are saying that we can pass a policy id in the XACML request, so that the XACML engine will only consider that policy when it comes to evaluating ? Thanks Rushmin On Sat, Mar 21, 2015 at 10:21 PM, Farasath Ahamed <farasa...@wso2.com> wrote: > Hi Rushmin, > > So what you basically want is a XACML policy which becomes applicable > based on a policy ID? > or do you want to reuse 'conditions' generated by the user by say giving > them a referenceID or something? > > I think both of which is possible in XACML 3.0. Can you elaborate more on > the condition 'part' you have mentioned above? > > On Sat, Mar 21, 2015 at 1:16 PM, Rushmin Fernando <rush...@wso2.com> > wrote: > >> Hi IS Team, >> >> In App Manager we have the following requirement. >> >> 1) App creator need to associate authorization rules for URL pattern + >> HTTP verb combinations >> >> 2) They are given a UI to add a URL pattern, select an HTTP verb and then >> apply an authorization rule. >> >> 3) App Manager uses XACML for these authorization rules. >> >> 4) Since the 'resource' and 'action' parts of the XACML policy is >> determined the aforementioned UI inputs, user is only allowed to write the >> 'condition' part. And the actual XACML policy is generated using these >> parts. >> >> 5) But the thing is, we need to re-use these 'conditions'. We do it in >> App Manager level. But we end up with generating XACML policies for >> 'resource' + 'action' combinations. >> >> Is there a way that we can have a single XACML policy which only has the >> condition 'part' and evaluate the XACML request using that specific policy >> (by giving the policy ID ) ? >> >> -- >> *Rushmin Fernando* >> *Technical Lead* >> >> WSO2 Inc. <http://wso2.com/> - Lean . Enterprise . Middleware >> >> email : rush...@wso2.com >> mobile : +94772310855 >> >> >> >> _______________________________________________ >> Dev mailing list >> Dev@wso2.org >> http://wso2.org/cgi-bin/mailman/listinfo/dev >> >> > > > -- > *Farasath Ahamed* > Software Engineering Intern > WSO2 Inc.; http://wso2.com > > Mobile: +94 777 603 866 > E-Mail: farasath <http://goog_1999535192>a...@wso2.com > Blog: http://thepseudocode.blogspot.com/ > -- *Rushmin Fernando* *Technical Lead* WSO2 Inc. <http://wso2.com/> - Lean . Enterprise . Middleware email : rush...@wso2.com mobile : +94772310855
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
