Bug 5707 - Campaign: Improve C XACML/SAML Engine
: Campaign: Improve C XACML/SAML Engine
Status: ASSIGNED
: GSI C
Authorization
: development
: Macintosh All
: P3 enhancement
: ---
Assigned To:
:
:
:
:
  Show dependency treegraph
 
Reported: 2007-12-06 15:54 by
Modified: 2008-09-06 09:03 (History)


Attachments


Note

You need to log in before you can comment on or make changes to this bug.


Description From 2007-12-06 15:54:47
Definition:

In the campaign "XACML Authorization Service Interface" (bug #5102) we 
created an initial alpha version of an XACML/SAML authorization service
and client. In this campaign, we address some of the limitations of the
implementation based on the feedback from the initial alpha user community.

Benefits:

This interface provides an authorization service interface that allows
for processing attributes as a part of the request context and
obligations as a part of the response decision.

Tasks:

- Improve I/O interface to have more flexibility to better support SSL.
- Simplify obligation generation for servers
- Add documentation for the client and server APIs
- Add tests for the client and server APIs
- Fix bugs as they are discovered

Resources:
8 days
------- Comment #1 From 2007-12-07 15:55:08 -------
Another bit of feedback is to implement the SOAP profile for XACML-SAML. This
profile is located at http://switch.ch/grid/support/documents/xacmlsaml.pdf
------- Comment #2 From 2008-01-11 11:32:31 -------
The changes in the campaign definition have been committed to the campaign_5707
branch of gsi/xacml.

A new alpha release is now linked off of
http://www-unix.mcs.anl.gov/~bester/xacml/