Hi Godwin, When we are sending the Subject in a JSON payload, I figured out it should be "*AccessSubject*" not Subject.
This is the sample request payload I changed for JSON, { "Request": { "AccessSubject": { "Attribute": [ { "AttributeId": "urn:oasis:names:tc:xacml:1.0:subject:subject-id", "Value": "Andreas" } ] }, "Action": { "Attribute": [ { "AttributeId": "urn:oasis:names:tc:xacml:1.0:action:action-id", "Value": "read" } ] }, "Resource": { "Attribute": [ { "AttributeId": "urn:oasis:names:tc:xacml:1.0:resource:resource-id", "Value": "http://127.0.0.1/service/very_secure/" } ] } } } I will update the doc with these details. Thanks! Dinali On Thu, Nov 2, 2017 at 10:13 AM, Godwin Shrimal <god...@wso2.com> wrote: > Hi Dinali, > > XML request format is clear and I guess we have enough information > regarding that. I am referring to JSON format on how to send subject. > > > Thanks > Godwin > > On Tue, Oct 31, 2017 at 10:24 PM, Dinali Dabarera <din...@wso2.com> wrote: > >> Hi Godwin, >> >> As you mentioned in your offline chats, there is no mention about "how to >> send the subject in the XACML Request" in our Docs. >> >> I did a small research on XACML spec and figured out we could send the >> subject in the XACML request as follows, >> >> I changed the sample request on my blog [1] with the Subject attribute as >> follows >> >> Request: >> >> <Request CombinedDecision="false" ReturnPolicyIdList="false" >> xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17"> >> <Attributes >> Category="urn:oasis:names:tc:xacml:3.0:subject-category:access-subject"> >> <Attribute IncludeInResult="false" >> AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id"> >> <AttributeValue >> DataType="urn:oasis:names:tc:xacml:1.0:data-type:rfc822Name">b...@simpsons.com</AttributeValue> >> </Attribute> >> </Attributes> >> <Attributes >> Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action"> >> <Attribute >> AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" >> IncludeInResult="false"> >> <AttributeValue >> DataType="http://www.w3.org/2001/XMLSchema#string">read</AttributeValue> >> </Attribute> >> </Attributes> >> <Attributes >> Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> >> <Attribute >> AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" >> IncludeInResult="false"> >> <AttributeValue >> DataType="http://www.w3.org/2001/XMLSchema#string">http://127.0.0.1/service/very_secure/ >> </AttributeValue> >> </Attribute> >> </Attributes> >> </Request> >> >> I will update XACML docs with this information. >> Please let me know if you have any concerns on this! I hope this is what >> you expected. >> >> [1] https://medium.com/@gdrdabarera/how-entitlement-management- >> works-with-rest-api-via-xacml-in-wso2-identity-server-5-3-0-7a60940d040c >> >> Thank you! >> Dinali >> >> - >> *Dinali Rosemin Dabarera* >> Software Engineer >> WSO2 Lanka (pvt) Ltd. >> Web: http://wso2.com/ >> Email : gdrdabar...@gmail.com >> LinkedIn <https://lk.linkedin.com/in/dinalidabarera> >> Mobile: +94770198933 <+94%2077%20019%208933> >> >> >> >> >> <https://lk.linkedin.com/in/dinalidabarera> >> >> >> >> >> >> >> >> >> >> >> >> >> >> > > > -- > *Godwin Amila Shrimal* > Associate Technical Lead > WSO2 Inc.; http://wso2.com > lean.enterprise.middleware > > mobile: *+94772264165* > linkedin: *https://www.linkedin.com/in/godwin-amila-2ba26844/ > <https://www.linkedin.com/in/godwin-amila-2ba26844/>* > twitter: https://twitter.com/godwinamila > <http://wso2.com/signature> > -- *Dinali Rosemin Dabarera* Software Engineer WSO2 Lanka (pvt) Ltd. Web: http://wso2.com/ Email : gdrdabar...@gmail.com LinkedIn <https://lk.linkedin.com/in/dinalidabarera> Mobile: +94770198933 <https://lk.linkedin.com/in/dinalidabarera>
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev