[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: [basic question] PEP recognizing authorized user.
I have a basic question regarding how PEP can recognize the already authorized user to access the resource. Let's say that I have a webservice client, a PEP implemented using XACML technology and it protects a webservice. First time, PEP can intercept & sends a XACML request to the PDP and gets the response back & permits the access to webservice. 2nd time, when the same user performs the same action on the webservice, this time PEP should recognize previous step and should just forward to webservice. (it should NOT again make a XACML request to PDP). I am wondering ,is this where SAML assertion tokens & XPath's are used in XACML context ? Can someone shed some light here? Thanks, Uday. -- ***************************************************************** Uday Subbarayan I don't blog but e-write: http://uds-web.blogspot.com *****************************************************************
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]