[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [xacml-users] XACML Resource Element
Hal I'd like to look at the BEA's PDP. Can you give a URL to documentation? thanks argyn > -----Original Message----- > From: Hal Lockhart [mailto:hlockhar@bea.com] > Sent: Thursday, September 22, 2005 10:56 AM > To: Kuketayev, Argyn (Contractor); xacml-users@lists.oasis-open.org > Subject: RE: [xacml-users] XACML Resource Element > > Actually XACML does support codeBase as an access subject > type to support models of this type. Microsoft also has some > access control based on the notion of "the code that called this." > > Also note BEA WebLogic Platform 9.01 has an XACML engine > embedded in it. We make it available under our authorization > provider, which is part of out security framework, but it > would be perfectly possible to access an XACML PDP under JSR > 115 (JAAC). > > That said, the committee is well aware of the fact that I > personally think the Jave accessscontrol model is seriously > wrongheaded. > > Hal > > > -----Original Message----- > > From: Kuketayev, Argyn (Contractor) > > [mailto:argyn_kuketayev@fanniemae.com] > > Sent: Wednesday, September 21, 2005 3:29 PM > > To: xacml-users@lists.oasis-open.org > > Subject: RE: [xacml-users] XACML Resource Element > > > > > > Jeff > > > > Check this out > > http://research.sun.com/projects/xacml/J2SEPolicyProvider.html > > > > Argyn > > > > > -----Original Message----- > > > From: Jeff Trent [mailto:jtrent@structsoft.com] > > > Sent: Wednesday, September 21, 2005 3:10 PM > > > To: Daniel Engovatov; marchadr@wellsfargo.com; > Seth.Proctor@sun.com > > > Cc: xacml-users@lists.oasis-open.org > > > Subject: Re: [xacml-users] XACML Resource Element > > > > > > I am fairly new to the list so excuse me if this topic > has already > > > been raised. > > > > > > I am very interested in knowing if anyone has considered > normative > > > profile mapping for Java2 permissions or the J2EE/JACC security > > > models as well? > > > > > > IMHO, Java2 permissions don't fit the XACML model cleanly > since it > > > usually involves permissions restricting a codeBase and not a > > > Subject / user. > > > Thoughts? > > > > > > Jeff > > > > > > > > --------------------------------------------------------------------- > > This publicly archived list supports open discussion on using the > > XACML OASIS Standard. To minimize spam in the archives, you must > > subscribe before posting. > > > > [Un]Subscribe/change address: http://www.oasis-open.org/mlmanage/ > > Alternately, using email: list-[un]subscribe@lists.oasis-open.org > > List archives: http://lists.oasis-open.org/archives/xacml-users/ > > Committee homepage: http://www.oasis-open.org/committees/xacml/ > > List Guidelines: http://www.oasis-open.org/maillists/guidelines.php > > Join OASIS: http://www.oasis-open.org/join/ > > > > >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]