It’s hard to believe, but it’s already been 10 years since I had the honor to host the first ever XACML interoperability demonstration at Burton Group’s Catalyst conference in June of 2007. We had a long tradition of hosting interoperability demonstrations, but they were typically associated with single sign-on and federation protocols, such as SAML, multi-federation protocols, a user-centric interoperability demonstration, and even SPML. However for this event, the focus was on access control and the Extensible Access Control Markup Language.
The “wayback” machine, fortunately, captured some posts about the event. For example, we put out a call to action in February that year to line up vendor participation:
Leading up to the event, I posted this 2 weeks before Catalyst:
OASIS has an excellent recap here: https://www.oasis-open.org/news/pr/eight-companies-demonstrate-interoperability-of-xacml-oasis-standard-at-catalyst-conference. Anil Saldanha (@anilsaldhana) also wrote up a short summary of the event and was wise enough to capture Hal Lockhart interviewing the participants. You can find the blog post and a link to the podcast here: http://anil-identity.blogspot.com/2007/06/oasis-xacml-interoperability-event-at.html
XACML remains an important interoperability standard for Axiomatics, as we use it in a number of integrations with third party products. In version 3.0 of XACML, new profiles have been added recently that further enhance interoperability between different implementations of XACML. I am referring to the profiles for REST and JSON support, which are additive to the core specification.
Questions? Comments? Leave a comment below.
To learn more about XACML, please visit our Resources section.