Fine grained xacml authorization with pip points

4,119 views
4,002 views

Published on

Fine-grained xacml authorization with pip points

Published in: Education, Technology, Design
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
4,119
On SlideShare
0
From Embeds
0
Number of Embeds
2,730
Actions
Shares
0
Downloads
0
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Fine grained xacml authorization with pip points

  1. 1. Fine-Grained XACML Authorization with PIP points WSO2 Identity Server 4.5.0
  2. 2. Use Case • User ‘john’ trying to get READ access by using his user id. • Authorization should be given by validating the user id against user name, requesting use name information via PIP point. • PIP requesting information from a web service.
  3. 3. PIP JAX-RS Service PEP PDP Entitlement Service SoapUI PAP Use Case Diagram
  4. 4. XACML policy information • User – john • Action – READ • Resource – web service name
  5. 5. SoapUI Request information • User Id – 124 • Action – Read • Resource – web service name
  6. 6. Implementation Steps • Implement the JAX-RS Service and host it in Application Server – Refer Blogs • http://umeshagunasinghe.blogspot.com/2013/09/how-to- create-jax-rs-service-using-wso2.html • http://umeshagunasinghe.blogspot.com/2013/09/how-to- deploy-jax-rs-service-in-wso2.html • Writing the PIP – Refer Blog • http://umeshagunasinghe.blogspot.com/2013/10/how-to- write-pip-point-for-wso2-is.html
  7. 7. Implementation Steps • Registering the PIP in Identity Server – Refer Blog • http://umeshagunasinghe.blogspot.com/2013/10/how- to-register-pip-in-wso2-is.html • Writing the XACML Policy – Refer Blog • http://umeshagunasinghe.blogspot.com/2013/10/how- to-write-simple-xacml-policy-in.html
  8. 8. Implementation Steps • Enforcing the Policy – Refer Blogs • http://umeshagunasinghe.blogspot.com/2013/10/how- to-use-try-it-tool-in-wso2-is.html • http://umeshagunasinghe.blogspot.com/2013/10/how- to-expose-entitlement-service-in.html
  9. 9. Thank You!

×