From: Ludwig Seitz <ludwig@sics.se>
To: Fatih Turkmen <fturkmen@gmail.com>
Cc: José Luis Hernández Ramos <joseluishr1@gmail.com>; xacml-dev@lists.oasis-open.org
Sent: Tuesday, February 21, 2012 8:47 AM
Subject: Re: [xacml-dev] PDP not like a web service
On tis, 2012-02-21 at 13:51 +0000, Fatih Turkmen wrote:
> Apart from that, there XACML Enterprise
which is quite stable and
> efficient but I haven't
> used very much apart from some experiments.
Note that Enterprise XACML doesn't work with dynamically loaded
attributes (at least when I examined the code in 2009).
If I remember correctly the "clever" indexing mechanism causes policies
that would be applicable to be disregarded, if necessary attributes are
not in the request and need to be fetched dynamically.
IMHO the ability to complement a request by dynamically fetching missing
attributes is one of the strong features of XACML, so I wouldn't want to
use a PDP without that feature.
/Ludwig
--
Ludwig Seitz, PhD
Swedish Institute of Computer Science
Ideon Science Park
Building Beta 2 3v
Scheelevägen 17
SE-223 70 Lund
Phone +46(0)70-349 92 51
http://www.sics.se