-
1. Re: XACML PDP WSDL
anil.saldhana Jan 5, 2011 4:54 PM (in response to kiergray)Have you tried the JAX-WS Dispatch API Call?
-
2. Re: XACML PDP WSDL
kiergray Jan 5, 2011 5:13 PM (in response to anil.saldhana)No, I haven't. Could you be more explicit? I don't figure out how that would help. Thanks.
-
3. Re: XACML PDP WSDL
anil.saldhana Jan 5, 2011 9:30 PM (in response to kiergray)Something like we use in STSClient
I am guessing (I may be wrong) that the Jax-WS Dispatch call should be able to send a soap message across to any endpoints on the network.
-
4. Re: XACML PDP WSDL
kiergray Jan 6, 2011 12:39 PM (in response to anil.saldhana)OK. I got the idea. So I would need to build the SOAP request XML before passing to the dispatch call (such as RequestSecurityTokenCollection for the STSClient you pointed me to), don't I ?
Yet, I would prefer having a WSDL for the PDP as it would make it easier to write/generate the client code (than using the Dispatch API). In particular, I am interested in adding WS-Policy/WS-SecurityPolicy to such a WSDL.
Thanks again.
-
5. Re: XACML PDP WSDL
anil.saldhana Jan 6, 2011 1:17 PM (in response to kiergray)Kier, this is Open Source and you are welcome to submit a patch that has the webservice. You have the core SAML/XACML constructs. All you need to do is expose a wsdl via maybe an ejb3 webservice or POJO service. Many of our users contribute patches.
I think the world is moving toward a REST style services.
-
6. XACML PDP WSDL
kpeeples Jan 21, 2011 11:48 PM (in response to anil.saldhana)I am looking into creating a Web Service for the PDP. I will post an update when I am able to get it completed.
-
7. XACML PDP WSDL
salarzai Jan 22, 2011 7:28 AM (in response to kpeeples)Hi,
I want to use JBossXACML/PicketBox XACML in axis2 for securing a web service. I want to make a module and call JBOSS PDP from a handler within axis2. All I need is to use PDP code with policy and to call it from the handler.
However there is no proper documentation how do I configure and call PDP of the JbossXACML.
Can someone kindly guide me from where to start please?
Waiting for your kind response.
Sardar
-
8. XACML PDP WSDL
kpeeples Jan 22, 2011 7:56 PM (in response to salarzai)I would look at the Authorization Modules [1] for the Web and EJB (ejb/EJBXACMLPolicyModuleDelegate.java and web/WebXACMLPolicyModuleDelegate.java) to use as an example on how to make your module, which would act as the PEP, communicate with the PDP with the Request Context and Response Context. Look at the authorize and process methods. You can look at the XACML specification [2] to see further information on the PEP and PDP behaviors. There may be some other documentation concerning writing a custom PEP for Picketbox but not aware of it. Others may have comments about documentation and if there is a better way than what I mention above. Hope this helps.
[2] http://docs.oasis-open.org/xacml/2.0/access_control-xacml-2.0-core-spec-os.pdf
-
9. Re: XACML PDP WSDL
anil.saldhana Feb 3, 2011 3:57 PM (in response to kpeeples)PicketLink2 build has a PDP that is a SOAP based WS.
http://community.jboss.org/message/584988#584988
Documentation: http://community.jboss.org/wiki/XACMLPDPSOAPService
Also , simple usage of JBossXACML is given in:http://anil-identity.blogspot.com/2011/02/usagejboss-xacml.html
http://anil-identity.blogspot.com/2011/02/usagejboss-xacml.html