This site contains the documentation that is relevant to older WSO2 product versions and offerings.
For the latest WSO2 documentation, visit https://wso2.com/documentation/.
Working with XACML
- Former user (Deleted)
- Former user (Deleted)
XACML is an XML-based language for access control that has been standardized by the Technical Committee of the OASIS consortium. XACML is very popular as a fine grained authorization method among the community. However, there are plenty of other aspects of XACML other than it being just a fine grained authorization mechanism.
Using thrift in XACML calls
In order to use thrift in XACML calls, you must first enable the thrift service in the <IS_HOME>/repository/conf/identity/identity.xml file. Set this to true.
<Server xmlns="http://wso2.org/projects/carbon/carbon.xml"> ... <EntitlementSettings> ... <ThirftBasedEntitlementConfig> <EnableThriftService>true</EnableThriftService> ... </ThirftBasedEntitlementConfig> </EntitlementSettings> </Server>
The following topics provide information and instructions on how to use XACML to perform various access control related functions.
- Identity Server as an XACML Engine
- Improving XACML PDP Performance with Caching Techniques
- Integrating WSO2 Identity Server with Liferay
- Writing XACML2.0 Policies in WSO2 Identity Server
- Writing XACML3 Policies in WSO2 Identity Server
- Sending Notifications to External PEP Endpoints
- Configuring WSO2 ESB Entitlement Mediator with Identity Server
- Enabling REST Notifications For XACML Policy Updates