OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xacml-users message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [xacml-users] XACML Resource Element

Actually XACML does support codeBase as an access subject type to support models of this type. Microsoft also has some access control based on the notion of "the code that called this."

Also note BEA WebLogic Platform 9.01 has an XACML engine embedded in it. We make it available under our authorization provider, which is part of out security framework, but it would be perfectly possible to access an XACML PDP under JSR 115 (JAAC).

That said, the committee is well aware of the fact that I personally think the Jave accessscontrol model is seriously wrongheaded.

Hal

> -----Original Message-----
> From: Kuketayev, Argyn (Contractor)
> [mailto:argyn_kuketayev@fanniemae.com]
> Sent: Wednesday, September 21, 2005 3:29 PM
> To: xacml-users@lists.oasis-open.org
> Subject: RE: [xacml-users] XACML Resource Element
> 
> 
> Jeff
> 
> Check this out
> http://research.sun.com/projects/xacml/J2SEPolicyProvider.html 
> 
> Argyn
> 
> > -----Original Message-----
> > From: Jeff Trent [mailto:jtrent@structsoft.com] 
> > Sent: Wednesday, September 21, 2005 3:10 PM
> > To: Daniel Engovatov; marchadr@wellsfargo.com; Seth.Proctor@sun.com
> > Cc: xacml-users@lists.oasis-open.org
> > Subject: Re: [xacml-users] XACML Resource Element
> > 
> > I am fairly new to the list so excuse me if this topic has 
> > already been raised.
> > 
> > I am very interested in knowing if anyone has considered 
> > normative profile mapping for Java2 permissions or the 
> > J2EE/JACC security models as well?
> > 
> > IMHO, Java2 permissions don't fit the XACML model cleanly 
> > since it usually involves permissions restricting a codeBase 
> > and not a Subject / user.
> > Thoughts?
> > 
> > Jeff
> > 
> 
> ---------------------------------------------------------------------
> This publicly archived list supports open discussion on using the 
> XACML OASIS Standard. To minimize spam in the archives, you 
> must subscribe before posting.
> 
> [Un]Subscribe/change address: http://www.oasis-open.org/mlmanage/
> Alternately, using email: list-[un]subscribe@lists.oasis-open.org
> List archives: http://lists.oasis-open.org/archives/xacml-users/
> Committee homepage: http://www.oasis-open.org/committees/xacml/
> List Guidelines: http://www.oasis-open.org/maillists/guidelines.php
> Join OASIS: http://www.oasis-open.org/join/
> 
>

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]