Quantcast
Channel: SOA Security » XACML
Browsing all 10 articles
Browse latest View live

Migration XACML policies from older versions to new Identity Server versions.

Latest WSO2 Identity Server (4.5.0 and after it…) have lot changes when it is compared with its older versions (4.0.0, 4.1.0)…. There are database schema changes in user management databases and also...

View Article



Image may be NSFW.
Clik here to view.

Banking Sample with XACML

Lets try to understand how XACML can be used in banking applications and how to implement a sample banking authorization system with open source XACML engine. Use case There is bank call KBank, that...

View Article

Policy Store Notifications with Identity Server

In administrative point of view, policy notifications play a major role… It is some kind of a must feature that policy engine supports. In a typical enterprise, authorization policies are defined by a...

View Article

Webinar on XACML – Uncovering XACML to Solve Real World Business Use Cases

Despite challenges such as performance bottlenecks, complexity and integration difficulties, XACML holds its position as the number one choice for addressing fine grain and policy based access control...

View Article

Image may be NSFW.
Clik here to view.

Access Control for Data Access Layer with XACML

Lets try to understand how XACML can be used to filter out authorized data from data access layer. Also let learn how we can implement data filtering sample with using open source XACML engine. First...

View Article


XACML PDP Performance Testing with Thrift

Last time using this blog post,  We discussed on load testing the XACML PDP using Jmeter.  We uses the HTTPS transport for calling the Web Service API that has been exposed by the PDP.  With Identity...

View Article

Image may be NSFW.
Clik here to view.

Authorization for APIs with XACML and OAuth 2.0

In this blog post, let see how we can implement XACML to authorize the APIs. I wish you are familiar with OAuth 2.0 and lets directly go through the diagram   OAuth access token is granted to the...

View Article

Image may be NSFW.
Clik here to view.

Implementing RBAC and ABAC with XACML

Let see how we can implement RBAC and ABAC with XACML. Here i am using the well known XACML 3.0 open source engine; Identity Server which is based on Balana. Lets think about an API access control...

View Article


Image may be NSFW.
Clik here to view.

Use XACML Advice elements to generate detail decisions.

XACML engine usually returns a Boolean decision (whether permit or deny). Let see how we can use Advice elements in the XACML to return a policy decision more than a Boolean value. Let takes some...

View Article


Image may be NSFW.
Clik here to view.

XACML Policy Set with Identity Server

Let see how Policy Set works in Identity Server. You can simply create the policy set easily using Policy Set Editor of the Identity Server. Here you can, Select a Policy Set Combining Algorithm Define...

View Article
Browsing all 10 articles
Browse latest View live




Latest Images