[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [saml-dev] Re: Informing SP about session invalidated in IDP
XACML is a different standard. Questions about XACML should be directed to the xacml-dev list.
To answer, there is no such thing as “the” XACML java api jar. The OASIS XACML TC, like the SS TC has defined a standard and left it to others to implement it.
Most XACML implementations are commercial products. Historically, the most popular open source XACML implementation was Sun-xacml. A number of others were built by modifying sun-xacml. However, sun-xacml was never updated after XACML 2.0. There are now at least two open source XACML 3.0 products. I recommend WSO2’s Balana XACML engine. They just announced support for the AzAPI of the OpenAz Project.
If by API you actually mean network protocol, the XACML 3.0 standard defines two, one using XML/SOAP the other using JSON/HTTP. Most XACML PDPs whether commercial or open source support both. (The JSON one is actually still being standardized, although it is quite stable.)
The OpenAz project hopes to soon have a open source package which will allow you to call either a remote or a local (imbedded) PDP using the same programming API. Eventually this will support both the SOAP and JSON format remote calls.
XACML TC Public Page
XACML References and Implementations (unfortunately not updated since 2011)
Latest version of specification for remote XML/SOAP protocol (Chapter 4)
Latest Version of specification for JSON/HTTP protocol
Info on WSO2 Balana XACML engine
Blog on Balana AzAPI support