Re: [sunxacml-discuss] Sunxacml and hierarchical roles

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

i dont understand your question. in rbac you have to create at least to 
policy sets: permision and role policysets.

you don't have to do anything specific to sunxacml at this stage, when 
you are writing policyset xml files. you'll need to modify sunxacml, 
when you
create new policy finder module. i'll check my sources later today, 
maybe i can find you a good sample.

argyn

Jake Wu wrote:

>Dear all,
>
>Thanks to Seth and Argyn for the answers..
>
>I am now having a basic question. In XACML-RBAC profile, it has defined
>Permission <PolicySet>, Role <PolicySet> and Role Assingment <Policy>
>separately. Can I use the SUNXACML API to create these files
>individually without the policy referencing actually taking place at
>this stage? 
>
>If there is any sample code regarding this issue, please advise..
>
>Many thanks.
>jake 
>
>  
>
>>-----Original Message-----
>>From: argyn [mailto:ar...@co...] 
>>Sent: 24 January 2006 01:33
>>To: Jake Wu
>>Cc: sun...@li...
>>Subject: Re: [sunxacml-discuss] Sunxacml and hierarchical roles
>>
>>Jake Wu wrote:
>>
>>    
>>
>>>Dear all,
>>>
>>>Could someone tell me if Sunxacml APIs support the use of 
>>>      
>>>
>>hierarchical 
>>    
>>
>>>Role Base Access Control? i.e. implement the specification 
>>>      
>>>
>>which is at 
>>    
>>
>>>http://docs.oasis-open.org/xacml/2.0/access_control-xacml-2.0-
>>>      
>>>
>>rbac-prof
>>    
>>
>>>i
>>>le1-spec-os.pdf
>>>
>>>Many thanks.
>>>jake
>>>
>>>
>>>
>>>
>>>-------------------------------------------------------
>>>This SF.net email is sponsored by: Splunk Inc. Do you grep 
>>>      
>>>
>>through log 
>>    
>>
>>>files for problems?  Stop!  Download the new AJAX search engine that 
>>>makes searching your log files as easy as surfing the  web.  
>>>      
>>>
>>DOWNLOAD SPLUNK!
>>    
>>
>>>http://sel.as-us.falkag.net/sel?cmd=k&kid3432&bid#0486&dat1642
>>>_______________________________________________
>>>sunxacml-discuss mailing list
>>>sun...@li...
>>>https://lists.sourceforge.net/lists/listinfo/sunxacml-discuss
>>>
>>>
>>> 
>>>
>>>      
>>>
>>Yes, it does, but not out-of-the-box. You have to write a 
>>finder yourself. I've implemented rbac with sunxacml in one 
>>company, and it worked fine. I think i posetd a couple of 
>>times on the subject in this list a year ago.
>>
>>thanks
>>Argyn
>>
>>
>>    
>>
>
>
>  
>