Hi Dinali, You can find few details on writing XACML policies here [1]. The sample policies have several sample requests that shows how the attributes are sent in the XACML request. I think we can fit in the topic you mentioned, around this location.
[1] - https://docs.wso2.com/display/IS530/Writing+XACML3+Policies+in+WSO2+Identity+Server Thanks, Pushpalanka On Tue, Oct 31, 2017 at 10:24 PM, Dinali Dabarera <din...@wso2.com> wrote: > Hi Godwin, > > As you mentioned in your offline chats, there is no mention about "how to > send the subject in the XACML Request" in our Docs. > > I did a small research on XACML spec and figured out we could send the > subject in the XACML request as follows, > > I changed the sample request on my blog [1] with the Subject attribute as > follows > > Request: > > <Request CombinedDecision="false" ReturnPolicyIdList="false" > xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17"> > <Attributes > Category="urn:oasis:names:tc:xacml:3.0:subject-category:access-subject"> > <Attribute IncludeInResult="false" > AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id"> > <AttributeValue > DataType="urn:oasis:names:tc:xacml:1.0:data-type:rfc822Name">b...@simpsons.com</AttributeValue> > </Attribute> > </Attributes> > <Attributes > Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action"> > <Attribute > AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" > IncludeInResult="false"> > <AttributeValue > DataType="http://www.w3.org/2001/XMLSchema#string";>read</AttributeValue> > </Attribute> > </Attributes> > <Attributes > Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> > <Attribute > AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" > IncludeInResult="false"> > <AttributeValue > DataType="http://www.w3.org/2001/XMLSchema#string";>http://127.0.0.1/service/very_secure/ > </AttributeValue> > </Attribute> > </Attributes> > </Request> > > I will update XACML docs with this information. > Please let me know if you have any concerns on this! I hope this is what > you expected. > > [1] https://medium.com/@gdrdabarera/how-entitlement- > management-works-with-rest-api-via-xacml-in-wso2-identity-server-5-3-0- > 7a60940d040c > > Thank you! > Dinali > > - > *Dinali Rosemin Dabarera* > Software Engineer > WSO2 Lanka (pvt) Ltd. > Web: http://wso2.com/ > Email : gdrdabar...@gmail.com > LinkedIn <https://lk.linkedin.com/in/dinalidabarera> > Mobile: +94770198933 <077%20019%208933> > > > > > <https://lk.linkedin.com/in/dinalidabarera> > > > > > > > > > > > > > > > _______________________________________________ > Dev mailing list > Dev@wso2.org > http://wso2.org/cgi-bin/mailman/listinfo/dev > > -- Pushpalanka. -- Pushpalanka Jayawardhana, B.Sc.Eng.(Hons). Senior Software Engineer, WSO2 Lanka (pvt) Ltd; wso2.com/ Mobile: +94779716248 Blog: pushpalankajaya.blogspot.com/ | LinkedIn: lk.linkedin.com/in/pushpalanka/ | Twitter: @pushpalanka
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
