[OGSA-AUTHZ] Globus impl of SAML 2.0 Profile of XACML
David Chadwick
d.w.chadwick at kent.ac.uk
Fri Mar 16 06:50:15 CST 2007
Yuri Demchenko wrote:
> David,
>
> Tom referred to the message by Rachana in which is "XACML Authorization
> service interface contribution from James Moore ISI/IBM" mentioned.
>
> Can somebody clarify relations between all these implementation?
I think the next scheduled Telecon can help to do that, if emails do not
do it before
regards
David
>
> Yuri
>
> David Chadwick wrote:
>> Hi Tom
>>
>> we have already implemented this in GT4, including the use of
>> obligations in responses. It is part of our coordination service that we
>> discussed with Rachana in January and are contributing to Globus.
>>
>> We have two implementations.
>>
>> i) Java interface that uses the GT4 java authz callout for a local PDP
>>
>> ii) Web services interface for a remote PDP, that uses the SAML 2.0
>> profile of XACMLv2.0 as specified in the OGSA-Authz profile "Use of
>> XACML Request Context to access a PDP".
>>
>> Linying can provide further details of the specifics.
>>
>> regards
>>
>> David
>>
>>
>> Tom Scavo wrote:
>>> FYI, work has begun to incorporate an implementation of the SAML 2.0
>>> Profile of XACML into Globus Toolkit:
>>>
>>> http://www.globus.org/mail_archive/jwscore-dev/2007/03/msg00019.html
>>>
>>> Tom Scavo
>>> NCSA
>>> --
>>> ogsa-authz-wg mailing list
>>> ogsa-authz-wg at ogf.org
>>> http://www.ogf.org/mailman/listinfo/ogsa-authz-wg
>>>
>
> --
> ogsa-authz-wg mailing list
> ogsa-authz-wg at ogf.org
> http://www.ogf.org/mailman/listinfo/ogsa-authz-wg
>
--
*****************************************************************
David W. Chadwick, BSc PhD
Professor of Information Systems Security
The Computing Laboratory, University of Kent, Canterbury, CT2 7NF
Skype Name: davidwchadwick
Tel: +44 1227 82 3221
Fax +44 1227 762 811
Mobile: +44 77 96 44 7184
Email: D.W.Chadwick at kent.ac.uk
Home Page: http://www.cs.kent.ac.uk/people/staff/dwc8/index.html
Research Web site: http://www.cs.kent.ac.uk/research/groups/iss/index.html
Entrust key validation string: MLJ9-DU5T-HV8J
PGP Key ID is 0xBC238DE5
*****************************************************************
More information about the ogsa-authz-wg
mailing list