Re: REST Profile

[David Chadwick <d.w.chadwick@kent.ac.uk>]

Hi David

thanks for pointing me to the IETF draft.

I already have a copy of your JSON draft. Are you proposing to produce 
an XACMLv2 request/response context in JSON as well?

The reason I am interested in this is that I am currently working on 
various security features of OpenStack, and one of the next things I 
will be addressing is its Rest API for accessing a PDP. The XACML REST 
profile seems like a good contender for moving OpenStack to a standards 
based API

regards

David


On 15/12/2012 19:15, David Brossard wrote:
> Hi Dave,
>
> Good to hear from you.
>
> Your assumption is correct. The REST profile doesn't define the format
> of the request but rather the way you send a request / response.
>
> The RFC Remon (in CC) wrote specifies how the version of XACML can be
> indicated (http://www.ietf.org/id/draft-sinnema-xacml-media-type-00.txt).
>
> We're also working on a JSON representation of XACML.
>
> Cheers,
> David.
>
> On Fri, Dec 14, 2012 at 6:50 PM, David Chadwick <d.w.chadwick@kent.ac.uk
> <mailto:d.w.chadwick@kent.ac.uk>> wrote:
>
>     Hi David et al.
>
>     The Rest profile says that is supports versions 3.0 and earlier.
>     However I can find no text in the profile that says how earlier
>     versions of XACML are supported. I assume that when the POST message
>     is sent to the PDP, it will be set to something like this:
>
>     POST /authorization/pdp HTTP/1.0
>     Host: www.example.com <http://www.example.com>
>     Accept: application/xacml+xml; version=2.0
>     Content-Type: application/xacml+xml; version=2.0
>
>     and the request context will then follow the XACMLv2 schema.
>
>     However, the profile itself is silent on this issue.
>
>     regards
>
>     David
>
>
>
>
>
>
>
> --
> David Brossard, M.Eng, SCEA, CSTP
> Product Manager
> +46(0)760 25 85 75
> Axiomatics AB
> Skeppsbron 40
> S-111 30 Stockholm, Sweden
> http://www.linkedin.com/companies/536082
> http://www.axiomatics.com
> http://twitter.com/axiomatics