wso2 中的 XACML 自定义 RuleCombining 算法
XACML Custom RuleCombining algorithm in wso2
我是WSO2 IS的用户,
我需要在我的 WSO2 IS 中添加自定义 RuleCombining 算法。
我正在使用这个 example of balana and when I create this
WSO2 IS 中的政策我收到此错误:不受支持的权利政策。无法解析策略,这是 WSO2 IS 的日志:
ERROR {org.wso2.carbon.identity.entitlement.pap.PAPPolicyReader} - Error while parsing the policy org.wso2.balana.ParsingException: Error parsing combining algorithm in Policy
Caused by: org.wso2.balana.UnknownIdentifierException: unknown combining algId: urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:highest-effect
at org.wso2.balana.combine.BaseCombiningAlgFactory.createAlgorithm(BaseCombiningAlgFactory.java:138)
at org.wso2.balana.AbstractPolicy.<init>(AbstractPolicy.java:237)
已编辑:
谢谢大卫的回答,
在同一个示例页面中,我们可以看到我们可以使用自定义函数、算法和数据类型扩展 WSO2 IS,添加一个 balana 配置文件:
However, If you want to ask WSO2 Identity Server to initialize the
Balana by reading configuration file. You can do it by creating a new
configuration file called “balana-config.xml” under the
/repository/conf/security directory. As an example, Say you
want to add new rule combining algorithm to work with WSO2 Identity
Server entitlement engine. Then you can follow same way that is
configuring it with Balana. Please refer this blog post for more
details. However I would like to summarize the step to follow.
但是按照这些步骤操作后,它似乎不起作用。
在此问题上的任何其他帮助将不胜感激。
我正在考虑将公理化作为 XACML 引擎,但似乎很难获得用于测试或启动目的的版本。你能告诉我这个问题吗?
无法使用自定义组合算法扩展 WSO2 IS。 post 你 link 表示:
WSO2 Identity Server does not deal with those Because most of the
applications use standard set of functions, attribute and combining
algorithms that is defined in the XACML specification. Therefore, by
default, WSO2 Identity Server initializes the Balana instance with
default standard configuration.
如果您想使用组合算法,请改用 Axiomatics Policy Server。
旁注:为什么需要组合算法?你应该尽量坚持标准的组合算法。 urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:highest-effect 是做什么的?此外,您不能将 OASIS 命名空间用于组合算法。
我是WSO2 IS的用户, 我需要在我的 WSO2 IS 中添加自定义 RuleCombining 算法。 我正在使用这个 example of balana and when I create this WSO2 IS 中的政策我收到此错误:不受支持的权利政策。无法解析策略,这是 WSO2 IS 的日志:
ERROR {org.wso2.carbon.identity.entitlement.pap.PAPPolicyReader} - Error while parsing the policy org.wso2.balana.ParsingException: Error parsing combining algorithm in Policy
Caused by: org.wso2.balana.UnknownIdentifierException: unknown combining algId: urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:highest-effect
at org.wso2.balana.combine.BaseCombiningAlgFactory.createAlgorithm(BaseCombiningAlgFactory.java:138)
at org.wso2.balana.AbstractPolicy.<init>(AbstractPolicy.java:237)
已编辑:
谢谢大卫的回答,
在同一个示例页面中,我们可以看到我们可以使用自定义函数、算法和数据类型扩展 WSO2 IS,添加一个 balana 配置文件:
However, If you want to ask WSO2 Identity Server to initialize the Balana by reading configuration file. You can do it by creating a new configuration file called “balana-config.xml” under the /repository/conf/security directory. As an example, Say you want to add new rule combining algorithm to work with WSO2 Identity Server entitlement engine. Then you can follow same way that is configuring it with Balana. Please refer this blog post for more details. However I would like to summarize the step to follow.
但是按照这些步骤操作后,它似乎不起作用。
在此问题上的任何其他帮助将不胜感激。
我正在考虑将公理化作为 XACML 引擎,但似乎很难获得用于测试或启动目的的版本。你能告诉我这个问题吗?
无法使用自定义组合算法扩展 WSO2 IS。 post 你 link 表示:
WSO2 Identity Server does not deal with those Because most of the applications use standard set of functions, attribute and combining algorithms that is defined in the XACML specification. Therefore, by default, WSO2 Identity Server initializes the Balana instance with default standard configuration.
如果您想使用组合算法,请改用 Axiomatics Policy Server。
旁注:为什么需要组合算法?你应该尽量坚持标准的组合算法。 urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:highest-effect 是做什么的?此外,您不能将 OASIS 命名空间用于组合算法。