OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [xacml] Re: REST Profile

IMHO I would not consider it very RESTful (client POSTs an XML-encoded query blob to an endpoint and gets a response blob back).

-----Original Message-----
From: xacml@lists.oasis-open.org [mailto:xacml@lists.oasis-open.org] On Behalf Of David Chadwick
Sent: Sunday, December 16, 2012 2:05 PM
To: David Brossard
Cc: xacml; Remon Sinnema
Subject: [xacml] Re: REST Profile

Hi David

thanks for pointing me to the IETF draft.

I already have a copy of your JSON draft. Are you proposing to produce an XACMLv2 request/response context in JSON as well?

The reason I am interested in this is that I am currently working on various security features of OpenStack, and one of the next things I will be addressing is its Rest API for accessing a PDP. The XACML REST profile seems like a good contender for moving OpenStack to a standards based API



On 15/12/2012 19:15, David Brossard wrote:
> Hi Dave,
> Good to hear from you.
> Your assumption is correct. The REST profile doesn't define the format 
> of the request but rather the way you send a request / response.
> The RFC Remon (in CC) wrote specifies how the version of XACML can be 
> indicated (http://www.ietf.org/id/draft-sinnema-xacml-media-type-00.txt).
> We're also working on a JSON representation of XACML.
> Cheers,
> David.
> On Fri, Dec 14, 2012 at 6:50 PM, David Chadwick 
> <d.w.chadwick@kent.ac.uk <mailto:d.w.chadwick@kent.ac.uk>> wrote:
>     Hi David et al.
>     The Rest profile says that is supports versions 3.0 and earlier.
>     However I can find no text in the profile that says how earlier
>     versions of XACML are supported. I assume that when the POST message
>     is sent to the PDP, it will be set to something like this:
>     POST /authorization/pdp HTTP/1.0
>     Host: www.example.com <http://www.example.com>
>     Accept: application/xacml+xml; version=2.0
>     Content-Type: application/xacml+xml; version=2.0
>     and the request context will then follow the XACMLv2 schema.
>     However, the profile itself is silent on this issue.
>     regards
>     David
> --
> David Brossard, M.Eng, SCEA, CSTP
> Product Manager
> +46(0)760 25 85 75
> Axiomatics AB
> Skeppsbron 40
> S-111 30 Stockholm, Sweden
> http://www.linkedin.com/companies/536082
> http://www.axiomatics.com
> http://twitter.com/axiomatics

To unsubscribe, e-mail: xacml-unsubscribe@lists.oasis-open.org
For additional commands, e-mail: xacml-help@lists.oasis-open.org

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]