[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [xacml-dev] XACML 2
Thank you Seth, My current plans for the next version of XACML.NET is supporting current .Net version and the next one (aka "Whidbey") (the Microsoft's "Tiger" :) ), and I'm using this implementation also to test the new framework, language improvements, and how to integrate with the previous version. On the other hand... my Java days are over now... It was a great time in the past... But I meet the power of the dark side :) Anyway if you think that I can help you in some way (like implementation decissions, and specification intepretations that may differ, etc), feel free to contact me. For the moment I'm planning supporting both versions with the same code base. And the version of the policy will be determing the evaluation behavior I mean when a 2.0 policy is used to evaluate the 2.0 evaluation will be performed. if I found some requirement in 2.0 that can only be provided by a 2.0 context, and the context is 1.x I'll invalidate the evaluation context (rule, policy, etc) with an error. But I don't want to make this "implementation specific". I have not go throug the entire spec, so I'll do that this week Thanks, Diego Gonzalez Lagash Systems SA -----Original Message----- From: Seth Proctor [mailto:Seth.Proctor@Sun.COM] Sent: Tuesday, September 21, 2004 5:37 PM To: Diego M. Gonzalez Cc: xacml-dev@lists.oasis-open.org Subject: Re: [xacml-dev] XACML 2 Hi Diego. > I'm having some free time in the next weeks se I'll like to know if > anybody have started with a 2.0 implementation. If so how do you > manage the 1.1 and 2.0 differences and schema versioning issues (i.e. > what happens if a 1.0 Context is evaluated using a 2.0 Policy, and > issues like that). I am just starting to work on supporting 2.0 in my SunXACML project. In fact, I'm about to send mail to the sunxacml-discuss list asking for volunteers :) If you'd like to get involved, let me know. You raise some good questions here. It's not entirely clear how this is supposed to happen. In theory, the important boundries haven't changed (eg, decisions, request formats, Policy[Set] as top-level entity), so a 1.0 request should be valid with a 2.0 policy, and a 2.0 policy should be able to reference a 1.x policy. I can't think of any rules about this in the 2.0 spec off the top of my head, but I'll poke around. For my project, I plan to be as flexible about this as possible. > Is there any document with all the differences between 1.1 and 2.0 > wc-current? Because the differences are only available comparing the > last version. No. There was supposed to be a writeup, but it didn't happen (I think the person who owned this item got too busy with other stuff). I have thought about writing this, but I haven't had the time. If you wanted to do this, I think it would be valuable, and I'd be happy to provide some assistance. I did recently go through the exercise of doing a complete review of the 2.0 draft, so I have a reasonable sense of what changed. seth
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]