Details
Improvement
Status: Closed
Major
Resolution: Fixed
2.7
None
Unknown
Description
This task is to add XACML functionality to the CXF runtime, to enable a CXF JAX-WS or JAX-RS endpoint to act as a PEP (Policy Enforcement Point). A SAML Token is extracted from the SecurityContext, and an XACML request is created containing the User/Role/Action/etc. The user must subclass this abstract functionality to actually perform the request to the PDP. The response from the PDP is then enforced in the PEP.
This functionality will be added in a new rt/security module, where we can eventually move more of the common JAX-RS/JAX-WS security functionality from the rt/core module.
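The PEP flow described above, as an added stand-alone sketch in Python; it is not CXF code and not part of the original issue. It assumes the XACML 2.0 context schema and standard attribute identifiers, and the names `AbstractPEP`, `perform_request`, `build_request` and `ConstructedPDP` are hypothetical. Subject, roles, resource and action are taken as already extracted from a validated SAML token.

```python
import xml.etree.ElementTree as ET
from abc import ABC, abstractmethod

# Assumption: XACML 2.0 context schema and standard attribute ids.
CTX = "urn:oasis:names:tc:xacml:2.0:context:schema:os"
STRING = "http://www.w3.org/2001/XMLSchema#string"
SUBJECT_ID = "urn:oasis:names:tc:xacml:1.0:subject:subject-id"
SUBJECT_ROLE = "urn:oasis:names:tc:xacml:2.0:subject:role"
RESOURCE_ID = "urn:oasis:names:tc:xacml:1.0:resource:resource-id"
ACTION_ID = "urn:oasis:names:tc:xacml:1.0:action:action-id"

def q(name):
    return f"{{{CTX}}}{name}"

def build_request(user, roles, resource, action):
    """Serialize an XACML <Request>; ElementTree escapes every attribute value."""
    def attr(parent, attr_id, value):
        a = ET.SubElement(parent, q("Attribute"), AttributeId=attr_id, DataType=STRING)
        ET.SubElement(a, q("AttributeValue")).text = value
    req = ET.Element(q("Request"))
    subject = ET.SubElement(req, q("Subject"))
    attr(subject, SUBJECT_ID, user)
    for role in roles:
        attr(subject, SUBJECT_ROLE, role)
    attr(ET.SubElement(req, q("Resource")), RESOURCE_ID, resource)
    attr(ET.SubElement(req, q("Action")), ACTION_ID, action)
    ET.SubElement(req, q("Environment"))
    return ET.tostring(req, encoding="unicode")

class AbstractPEP(ABC):
    """Hypothetical PEP base class: subclasses supply only the PDP transport."""
    @abstractmethod
    def perform_request(self, request_xml):
        """Send request_xml to the PDP and return its <Response> XML."""

    def authorize(self, user, roles, resource, action):
        try:
            reply = self.perform_request(build_request(user, roles, resource, action))
            decisions = [d.text.strip() for d in ET.fromstring(reply).iter(q("Decision"))]
        except Exception:
            return False  # PDP unreachable or reply unparsable: fail closed
        # Deny, NotApplicable, Indeterminate, or zero/multiple results all deny.
        return decisions == ["Permit"]

class ConstructedPDP(AbstractPEP):
    """Constructed in-process stand-in for a PDP: permits only the 'manager' role."""
    def perform_request(self, request_xml):
        attrs = ET.fromstring(request_xml).iter(q("Attribute"))
        roles = [a.findtext(q("AttributeValue")) for a in attrs if a.get("AttributeId") == SUBJECT_ROLE]
        decision = "Permit" if "manager" in roles else "Deny"
        return f'<Response xmlns="{CTX}"><Result><Decision>{decision}</Decision></Result></Response>'
```

Enforcement treats anything other than a single `Permit` as a denial, so a PDP outage or a `NotApplicable` result never opens the endpoint.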