Andreas is Axiomatics’s longest serving employee. What he doesn't know about XACML and Axiomatics products, nobody knows. As Product Manager he has been heavily involved in the evolution of APS and its different components. Andreas has also been working with several longer and shorter external consultancy engagements.

Using Aspect Oriented Programming to apply fine-grained authorization

In this blog post we will focus on adding an access control advice via Aspect Oriented Programming (AOP) to implement a well separated, generic, Attribute Based Access Control (ABAC) -protected system without interfering with other, functional, code. In particular we will look at how we can define attributes via annotations on methods and objects to form a request and add a pointcut to intercept service invocations and trigger calls to an XACML PDP within this aspect. We also show how this can be weaved with AspectJ to assemble the final form of bytecode.

Continue reading
2039 Hits