
mace-opensaml-users - Re: XACML Code Contribution

Subject: OpenSAML user discussion

  • From: Chad La Joie <>
  • To:
  • Subject: Re: XACML Code Contribution
  • Date: Wed, 13 Feb 2008 21:08:53 +0100
  • Organization: SWITCH

Another thing I thought I'd note (since it kind of came up in another thread). This code gives an example of how to implement both new Request types (see XACMLAuthzDecisionQueryType and XACMLPolicyQueryType) and Statement types (see XACMLAuthzDecisionStatementType and XACMLPolicyStatementType) in the org.opensaml.xacml.profile.saml package.

Chad La Joie wrote:
As mentioned a while ago the EGEE[1] Collaboration VO Privilege[2] projects have chosen to build support for their XACML services upon the OpenSAML library stack and contribute the relevant code back to the OpenSAML project.

This code supports basic XACML policy and context XML construction, OASIS SAML 2.0 Profile of XACML, Version 2, and some basic XACML Obligation handling mechanics. This is NOT a XACML PDP, PAP, PEP, or PIP but instead a library to support the requisite XML messages used by those components. As this builds on the existing OpenSAML libraries, developers also have access to other OpenSAML features (most notably the advanced security/trust management subsystem).

People can get the code from the 'xacmlIntegration' branch with the java-opensaml2 repository. The code will not be within the initial 2.0 release of OpenSAML because it was received after OpenSAML entered its release candidate phase. However, it will be included in the next release of OpenSAML, which will likely occur within 2 months of the 2.0 release. This will also give us time to polish off any other small changes that may arise as various projects move to incorporate the library into their systems.

A special thanks to Håkon Sagehaug and Yuri Demchenko for their work on this and the EGEE for funding.

[1] http://www.eu-egee.org/
[2] http://www.fnal.gov/docs/products/voprivilege/

--
SWITCH
Serving Swiss Universities
--------------------------
Chad La Joie, Software Engineer, Security
Werdstrasse 2, P.O. Box, 8021 Zürich, Switzerland
phone +41 44 268 15 75, fax +41 44 268 15 68
http://www.switch.ch



