...
After defining the accessible user roles in the resource policy as shown above, you can associate that policy to the HTTP verbs of URL patterns in the Step 3 - Web Application Resources section. For example, if you are addingthe adding the resource policy created above to the GET HTTP verb of the /{context}/{version}/timeTables
URL pattern as shown below, then a HTTP GET request sent to /{context}/{version}/timeTables
is authorized only for a users of member and admin roles.
XACML policy based resource authorization
...
Follow the steps below to associate the defined XACML policies with the HTTP verbs of the URL Pattern of Web application resources when creating a Web application.
...
In the Step 2 - Policies
...
...
of creating a Web application, select the policy
...
and then
...
select Permit
...
or Deny in the XACML Policies section as shown below
...
to create a new resource policy by enabling the defined XACML policy. (If you
...
select Permit, the user will be permitted to access, and if you
...
select Deny, the Web app resource access will be denied.
...
)
Associate the XACML policy defined above to a HTTP Verb of a specific URL Pattern of a Web app resource in Step 3 - Web Application Resources section as shown below.