[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [xacml] PDP REST Interface - proposal
Ray made some good technical points against calling this a “REST interface”. Just the fact that it stirs up any discussion might be a good reason to avoid that label for this initiative. If it’s not likely to mean the same thing to everyone, it will be a continual point of confusion. That said, I sympathize with the motivation to standardize a simple HTTP interface for XACML request/response exchanges. My main concern is that by grabbing some low-hanging fruit in this area we might miss opportunities to put XACML on track to utilize existing and emerging W3C semantic web standards for defining, exchanging, and processing ontologies and rules. Regards, --Paul From: Doron Grinstein [mailto:doron@bitkoo.com] Oh boy. I see a debate brewing J I agree with Anil on this point.. From: Anil Saldhana [mailto:Anil.Saldhana@redhat.com] Hi David, Hi, On Fri, May 20, 2011 at 5:04 PM, <remon.sinnema@emc.com> wrote: David,
I don't see any "resources" in your proposal. So I guess you're just talking about an HTTP interface, not REST.
o Input: Send in a URL e.g. http://foo.bar/AuthZ/?a=value&b=value2&c=value3 * This means a layer on the PDP side (in the REST wrapping) needs to map from a HTTP GET parameter to a XACML attribute I guess you could model Decisions as HTTP status codes:
You won't lose any richness in the PUT variant. I'm not sure about GET either, that depends on the mapping of XACML attributes to HTTP parameters. |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]