Re: [sunxacml-discuss] XACML: Access Control for Web Services
Brought to you by:
farrukh_najmi,
sethp
Menu
▾
▴
Re: [sunxacml-discuss] XACML: Access Control for Web Services
|
From: Seth P. <set...@su...> - 2003-10-06 20:21:18
|
> My request is actually for a document that I am writing for a major US > federal agency (a Web Services Standards Analysis), not for an > implementation. My aim is to provide an example of how XACML could be > used for access control with Web services, and (if possible) for > providing SAML information to XACML. So what I'm looking for is actually > an XML example - an alternative to the "charge for throughput" example > in the WSPL specification (it's a great example, just not leverageable > for my purposes). Ah, I see. That is somewhat different. I think the best answer is that there is no standard way to talk about how a web service uses XACML for access control except that there is a standard, XML interface for sending a Request and getting back a Response. There is an effort right now in SAML (for version 2.0) to standardize how SAML can be used to send these XACML messages, but in order to use the attributes in SAML, you still need to use some code to provide the data in a form that XACML can understand (though that too is being discussed). A better person to answer this question, and to address your comment about WSPL, is Anne Anderson. I'll let her take a stab at what you're asking. Anne? seth |
