堆栈内存溢出
  简体   繁体   English

如何将Wso2 IS xacml与Java MVC应用程序集成

[英]How to integrate Wso2 IS xacml with java MVC application

 原文  2016-12-11 06:03:04       authorization/ wso2is/ xacml/ xacml3/ abac

问题描述

I am trying to implement Wso2 identity server's XACML based access control with the JAVA MVC application. 我正在尝试用JAVA MVC应用程序实现Wso2身份服务器的基于XACML的访问控制。

Use Case : User logs in and view only selected pages/menus(and also the action on these page ex.view,post,delete etc.) defined in the XACML policy. 用例 :用户登录并仅查看XACML策略中定义的选定页面/菜单(以及这些页面上的操作,例如,查看,张贴,删除等)。

What I have checked in WSO2 IS XACML will return Permit/Deny/NotApplicable for particular resource. 我在WSO2 IS ISAC中检查的内容将针对特定资源返回“允许/拒绝/不适用”。

So just want to know is this use case's solution is possible with the Wso2 IS XACML and how. 因此,只想知道Wso2 IS XACML以及如何使用此用例的解决方案是可能的。

Please help. 请帮忙。

Thanks 谢谢

1 个解决方案

解决方案1
 0 已采纳  2016-12-11 18:36:37

This is totally possible. 这完全有可能。 There are two ways you can achieve this. 有两种方法可以实现此目的。

  1. Using WSO2 Identity Server as the entitlement engine 使用WSO2 Identity Server作为授权引擎

With this option. 使用此选项。 You can create and manage policies using WSO2 Identity Server provided policy editor. 您可以使用WSO2 Identity Server提供的策略编辑器来创建和管理策略。 You can manage the lifecycle of policies (publish/unpublish) etc. 您可以管理策略的生命周期(发布/取消发布)等。

Then you can consume the SOAP Entitlement Service provided by Identity Server from your application. 然后,您可以使用应用程序中Identity Server提供的SOAP权利服务。 With IS 5.3.0 we provide a REST service for XACML as well. 借助IS 5.3.0,我们还为XACML提供了REST服务。

Read more about these in [1] , [2] [1][2]中详细了解这些内容

  1. Using WSO2 Balana entitlement Engine. 使用WSO2 Balana授权引擎。

Balana is WSO2's open source implementation of XACML. Balana是WSO2的XACML的开源实现。 WSO2 Identity Server internally uses this library/engine for Entitlement. WSO2 Identity Server在内部使用此库/引擎来获得权利。 You can use this library directly in you application to achieve you use case. 您可以在应用程序中直接使用此库来实现用例。 In fact, part of the use case is available as a sample in Balana. 实际上,部分用例可以在Balana中作为样本获得。 This sample explain how Balana could be used to filter resources in a web page based on user(or his role). 此示例说明如何使用Balana根据用户(或他的角色)来过滤网页中的资源。 Read more about the sample here . 此处阅读有关示例的更多信息。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 来自WSO2 IDP的XACML授权详细信息的应用程序级别缓存 - Application level caching of XACML Authorization Details from WSO2 IDP 带有WSO2 Identity Server的XACML - XACML with WSO2 Identity Server WSO2 XACML REST API - WSO2 XACML REST API WSO2 Identity Server –如何为扩展PIP编写XACML策略 - WSO2 Identity Server – How to write a XACML Policy for an Extended PIP wso2 IS XACML策略中如何验证角色及其权限 - In wso2 IS XACML policy how to validate role and its permissions WSO2 Identity XACML - 支持条件语句吗? - WSO2 Identity XACML - Support for Condition Statement? WSO2 XACML动态属性值 - WSO2 XACML dynamic attribute value WSO2-使用API​​的策略管理(XACML) - WSO2 - Policy Management (XACML) using API WSO2 ESB XACML授权剩余/肥皂Web服务客户端Java - WSO2 ESB XACML Authorization rest/soap web services client java 如何在wso2身份服务器中对自己创建的数据库实施xacml策略? - how to enforce xacml policies on self created database in wso2 identity server?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM