Bug 4723 - CAMPAIGN: CAS as Local Policy Decision Point
: CAMPAIGN: CAS as Local Policy Decision Point
: CAS/SAML utilities
: development
: PC Windows XP
: P3 normal
: 4.2
Assigned To:
: 4069
  Show dependency treegraph
Reported: 2006-09-21 09:30 by
Modified: 2006-10-13 17:19 (History)



You need to log in before you can comment on or make changes to this bug.

Description From 2006-09-21 09:30:13

Design and implement a local PDP interface for CAS server, so it can
be co-located with the authorization engine.


CAS is being proposed as a solution for managing policies for services
and resources in the GT container. These features should facilitate
using of a local CAS install and prevent network overheads involved in
using CAS as authorization service. This should help in adoption of
CAS as web services policy management.


1) Investigate design options for allowing CAS to be invoked as local PDP
2) Write a new PDP that interfaces with a local CAS server
3) Tests for new functionality
4) Documentation
------- Comment #1 From 2006-09-21 16:14:12 -------
* Add interface that provides Java API to retrieve policy information for a
specific query.
* No Java Administrative interface is provided in this campaign. Local
 invocation can be used by colocated resource creators to set up policy.
* Add PDP that uses JNDI to access the CAS resource and retrieve the policy
information. Based on that return a Decision.
------- Comment #2 From 2006-10-02 09:38:44 -------
Added Java API in CasResource for retrieving CAS policy information and
LocalCasPDP class that uses CAS local interface to evaluate policy. Compeleted
a test service that uses LocalCasPDP. Need to write a test that exercises the
test service code.
------- Comment #3 From 2006-10-13 17:19:15 -------
Tests completed and code has been merged with trunk. 

Documentation has been added to 4.2 drafts. Created new section for WS policy
and under that added example walk-through for using CAS as Local PDP:

All deliverables completed.