Axiomatics Policy Server (APS) editions come with rich APIs and software developer tool kits (SDKs) making it the most versatile and flexible solution on the market for implementation of Attribute Based Access Control (ABAC). Our SDKs are available for customers on our support web.
SDKs and Downloads
Software Developer Kit (SDK) for Spring Security Integration
The Spring Security framework approaches security as a cross-cutting concern and provides separation between application logic and security and business logic. Architecturally and from an implementation point of view, Spring Security provides the right capabilities to support the Policy Enforcement Point of the XACML-based externalized policy-driven access control architecture.
Axiomatics provides an SDK for customers who are interested in integrating XACML into their Spring and Spring Security framework based enterprise Java applications.
The SDK provides three core capabilities:
- URL level access control using Web Expressions
- UI level access control using JSP Tag library
- Method level access control (PreAuthorize, PostAuthorize, PreFilter and PostFilter)
The SDK is designed to be extensible and configurable to the specific needs of the customer. It requires minimal XML configuration changes and has connection pooling capabilities.
Axiomatics Language for Authorization (ALFA)
Simplify the development of authorization policies and empower your developers and architects with the Axiomatics Language for Authorization (ALFA).
Designed to integrate with your development environment, the Axiomatics Language for Authorization (ALFA) is similar to higher level languages like Java and C#, enabling developers to quickly and easily write XACML policies. Axiomatics has proposed ALFA as an XACML profile titled “Abbreviated Language for Authorization” which can be downloaded by clicking here (.doc).
The ALFA Plugin for Eclipse is a tool that converts your Eclipse programming IDE to a editor of authorization policies using the ALFA syntax. ALFA policies can then easily be converted, within the IDE, into real XACML 3.0 policies and then loaded into your XACML policy management tool.
Please Note: This plug-in is for non-commercial use. If you’d like to purchase a copy for commercial use, please contact firstname.lastname@example.org.
Request the download here.
Software Developer Kit (SDK) for Policy Enforcement
Axiomatics Policy Server ships with SDKs for Java and .NET environments. To connect an application or service to an Axiomatics Authorization services you add a few lines of code. The Enforcement Point can be called and re-used over and over in your application.
- Connecting to the authorization service.
- Creating the access request object with information about the user, the action to be performed, the information asset being accessed etc.
- Sending the request to the server
- Acting on the response
Enforcing Policies in Different Environments
The Enforcement Point is a trusted component in an XACML architecture. It enforces the decisions made by an authorization service. It can be embedded within the application or placed as an interceptor in front of it. It can be deployed as an extension to an XML gateway or a filter in an enterprise service bus (ESB), a servlet filter on an application server or web portal and so on.
The separation of concerns between the access control decision and the enforcement provides a comprehensive access control framework that can be used on many different access points and levels in your infrastructure.