0

Currently I'm working on a project which exposes a XACML PDP as REST API. Which would eventually allow clients send REST requests containing various XACML request related properties and retrieve decisions on them.

I have already implemented the services, but now i need to align the REST endpoints correctly as defined in the REST specification for XACML 3.0 (http://docs.oasis-open.org/xacml/xacml-rest/v1.0/csprd03/xacml-rest-v1.0-csprd03.html)

In the document, it defines various URIs for each resource

ex: for the REST entry point the URI is (as in section 2.2.1) urn:oasis:names:tc:xacml:3.0:profile:rest:home

What I need to know is what is the corresponding URL for this URI

Assuming my service is hosted in https://example.com/xacml

is it https://example.com/xacml/home ?

Thank you

ManZzup
  • 526
  • 4
  • 12

1 Answers1

0

According to the REST profile of XACML (you can tweet to the author), there are several endpoints you need to support:

  • entry point (identified as urn:oasis:names:tc:xacml:3.0:profile:rest:home): this is the root of your web service. In your case, it would simply be https://example.com/xacml or perhaps https://example.com/xacml/api (if you wanted to have a UI of some kind at the top-level)
  • the PDP (identified as urn:oasis:names:tc:xacml:3.0:profile:rest:pdp): this is where you send XACML requests to. In the Axiomatics Policy Server, it is <host>:<port>/asm-pdp/authorize

When you send a request to the home endpoint, it replies with:

<?xml version="1.0"?><resources xmlns="http://ietf.org/ns/home-documents"
    xmlns:atom="http://www.w3.org/2005/Atom">
  <resource rel="http://docs.oasis-open.org/ns/xacml/relation/pdp">
    <atom:link href="/asm-pdp/authorize"/>
  </resource>
</resources>

HTH, David.

David Brossard
  • 13,584
  • 6
  • 55
  • 88