Version 6 of Axiomatics Policy Server (APS) comes with a brand-new web-based Policy Editor which gives the user a completely new and smooth way of working with access policies as well as communicating them. This blog post explains why managing attribute-based access policies will be a seamless user
Today, code might look like this: // Approve the PO if (user.approvalLimit>=order.amount){ if (user.location.equals(order.location)){ if (user.id.equals(order.purchaser)==false){ order.approve(); } } } The code snippet above shows how developers
The XACML policy language uses three structural elements: policy sets, policies, and rules. A policy set can contain any number of policies and policy sets. Policies, in turn, can contain multiple rules. Rules define the desired effect, either of Permit or Deny. If a policy contains multiple
Axiomatics Policy Server 5.x PDP API The Axiomatics Policy Server exposes its Java Policy Decision Point as a JAX-WS conformant SOAP web service. In addition, the server also provides a managed PDP object which developers can use to expose the PDP as a new service. To grab the managed PDP, do
This blog post describes some non trivial scenarios that an access control or authorization developer may encounter and provides several ideas to simplify them by utilizing features available in Axiomatics PEP SDK for Java. Policy Enforcement Points, usually abbreviated as PEPs, are the endpoints
XACML, which stands for eXtensible Access Control Markup Language, exists to solve the problem of authorization (AuthZ) with focus on extensibility, granularity and scalability. From a first glance at the standard specification it appears to do all the magic with a seemingly over-simplified
Introduction to AOP Any computer application or system deployed in an enterprise environment has to deal with multiple distinct concerns. Some of them are cross-cutting, meaning they should apply globally across the system. Typically this includes logging, validation and authorization concerns.
In this post we will dive deeper into the architecture of XACML, one of the core aspects of the standard. XACML stands for eXtensible Access Control Markup Language. It is the OASIS standard for fine-grained authorization management based on the concept of Attribute-based access control (ABAC),