Difference between revisions of "Code Discussion 2009-06-29"
Jump to navigation
Jump to search
m |
m (→See also) |
||
| (3 intermediate revisions by one other user not shown) | |||
| Line 7: | Line 7: | ||
=Authorization mechanisms= | =Authorization mechanisms= | ||
*XACML policy example | *XACML policy example | ||
*[http://www.escidoc.org/documentation/Soap_api_doc_AA_PolicyDecisionPoint.pdf | *[http://www.escidoc.org/documentation/Soap_api_doc_AA_PolicyDecisionPoint.pdf Policy decision point] | ||
==Implementation of existing policies== | ==Implementation of existing policies== | ||
| Line 15: | Line 15: | ||
**Table: role_grant | **Table: role_grant | ||
**Table: scope_def | **Table: scope_def | ||
*Policy change takes effect after escidoc-core restart | |||
==Filters== | ==Filters== | ||
| Line 27: | Line 28: | ||
*PDP engine | *PDP engine | ||
==See also== | |||
*[http://www.escidoc.org/media/docs/escidoc-days-2009/escidoc-ws-aa.pdf AA eSciDoc Days presentation] | |||
[[Category: | [[Category:Code_Discussion|Code 2009-06-29]] | ||
Latest revision as of 12:40, 4 September 2009
Previous topic[edit]
Next topic[edit]
Authorization mechanisms[edit]
- XACML policy example
- Policy decision point
Implementation of existing policies[edit]
- in PgSql database aa schema
- Table: escidoc_role (role definitions)
- Table: escidoc_policies (policies in XACML for a role)
- Table: role_grant
- Table: scope_def
- Policy change takes effect after escidoc-core restart
Filters[edit]
- translate XACML rules into SQL Queries
- careful about what works and what does not work
Policy examples[edit]
Implementation of new actions[edit]
- other code discussion meeting
- implementation of new policies and actions
- PDP engine