Bugzilla – Bug 5707
Campaign: Improve C XACML/SAML Engine
Last modified: 2008-09-06 09:03:04
You need to
before you can comment on or make changes to this bug.
In the campaign "XACML Authorization Service Interface" (bug #5102) we
created an initial alpha version of an XACML/SAML authorization service
and client. In this campaign, we address some of the limitations of the
implementation based on the feedback from the initial alpha user community.
This interface provides an authorization service interface that allows
for processing attributes as a part of the request context and
obligations as a part of the response decision.
- Improve I/O interface to have more flexibility to better support SSL.
- Simplify obligation generation for servers
- Add documentation for the client and server APIs
- Add tests for the client and server APIs
- Fix bugs as they are discovered
Another bit of feedback is to implement the SOAP profile for XACML-SAML. This
profile is located at http://switch.ch/grid/support/documents/xacmlsaml.pdf
The changes in the campaign definition have been committed to the campaign_5707
branch of gsi/xacml.
A new alpha release is now linked off of