• Category: Architecture

Applying fine-grained access control in applications and APIs using Axiomatics Java PEP SDK

Architecture
Today, code might look like this: // Approve the PO if (user.approvalLimit>=order.amount){ if (user.location.equals(order.location)){ if (user.id.equals(order.purchaser)==false){ order.approve(); } } } The code snippet above shows...

Understanding XACML combining algorithms

Architecture
The XACML policy language uses three structural elements: policy sets, policies, and rules. A policy set can contain any number of policies and policy sets....

Exposing Axiomatics PDP as a REST Authorization Service

Architecture
Axiomatics Policy Server 5.x PDP API The Axiomatics Policy Server exposes its Java Policy Decision Point as a JAX-WS conformant SOAP web service. In addition,...

Authoring Multiple Decision Profile requests

Architecture
This blog post describes some non trivial scenarios that an access control or authorization developer may encounter and provides several ideas to simplify them by...

Scaling XACML Architecture Deployment

Architecture
XACML, which stands for eXtensible Access Control Markup Language, exists to solve the problem of authorization (AuthZ) with focus on extensibility, granularity and scalability. From...

Using Aspect Oriented Programming to apply fine-grained authorization

Architecture
Introduction to AOP Any computer application or system deployed in an enterprise environment has to deal with multiple distinct concerns. Some of them are cross-cutting,...

XACML Reference Architecture

Architecture
In this post we will dive deeper into the architecture of XACML, one of the core aspects of the standard. XACML stands for eXtensible Access...