Does apigee support XACML policies?

Report Inappropriate Content · 03-21-2016 03:22 AM

anilsr

@Amit Goel , Can you please provide more details like what exactly is the use case here ?

Report Inappropriate Content

Yes, via a native integration with the Axiomatics Policy Server. APS provides support for XACML 3.0 policies as well as several other profiles. It integrates directly with the Apigee Gateway.

You can find more details on the integration at axiomatics-apigee-api-gateway-integration-guide-fi.pdf.

Cheers,

David.

DChiesa

Apigee Edge does not act as a XACML Server. Apigee Edge does not support XACML directly. I know of customers who call out from Apigee Edge into XACML Servers (Axiomatics, IBM Tivoli Security Policy Manager, the Oracle equivalent, etc) to obtain authorization decisions. In the sense of integration, Apigee Edge "supports XACML". But there is no direct management of XACML within Apigee Edge.

ssvaidyanathan

Hi @Amit Goel

You can try using the Java PEP SDK. Calling it through Java callout. Get the authorization policies back, manipulate and then show the response how ever required.

DChiesa

The above term, "Java PEP SDK", applies specifically to Axiomatics. There may be similar Java JARs for other XACML or Authorization or PDP servers.

Report Inappropriate Content

Thanks everyone for the pointers.