Yuri Demchenko wrote:
David,
Tom referred to the message by Rachana in which is "XACML Authorization service interface contribution from James Moore ISI/IBM" mentioned.
Can somebody clarify relations between all these implementation?
I think the next scheduled Telecon can help to do that, if emails do not do it before regards David
Yuri
David Chadwick wrote:
Hi Tom
we have already implemented this in GT4, including the use of obligations in responses. It is part of our coordination service that we discussed with Rachana in January and are contributing to Globus.
We have two implementations.
i) Java interface that uses the GT4 java authz callout for a local PDP
ii) Web services interface for a remote PDP, that uses the SAML 2.0 profile of XACMLv2.0 as specified in the OGSA-Authz profile "Use of XACML Request Context to access a PDP".
Linying can provide further details of the specifics.
regards
David
Tom Scavo wrote:
FYI, work has begun to incorporate an implementation of the SAML 2.0 Profile of XACML into Globus Toolkit:
http://www.globus.org/mail_archive/jwscore-dev/2007/03/msg00019.html
Tom Scavo NCSA -- ogsa-authz-wg mailing list ogsa-authz-wg@ogf.org http://www.ogf.org/mailman/listinfo/ogsa-authz-wg
-- ogsa-authz-wg mailing list ogsa-authz-wg@ogf.org http://www.ogf.org/mailman/listinfo/ogsa-authz-wg
-- ***************************************************************** David W. Chadwick, BSc PhD Professor of Information Systems Security The Computing Laboratory, University of Kent, Canterbury, CT2 7NF Skype Name: davidwchadwick Tel: +44 1227 82 3221 Fax +44 1227 762 811 Mobile: +44 77 96 44 7184 Email: D.W.Chadwick@kent.ac.uk Home Page: http://www.cs.kent.ac.uk/people/staff/dwc8/index.html Research Web site: http://www.cs.kent.ac.uk/research/groups/iss/index.html Entrust key validation string: MLJ9-DU5T-HV8J PGP Key ID is 0xBC238DE5 *****************************************************************