This tutorial introduces an additional security generic enabler - Authzforce and adds fine grained control to the security rules generated by Keyrock. Access to the entities created in the previous tutorial is now configured and controlled using an XACML access control policy - this creates a flexible ruleset which can be uploaded and reinterpreted on the fly so complex business rules can be created and changed according to current circumstances.
The tutorial discusses code showing how to integrate Authzforce within a web application and demonstrates examples of Authzforce XACML Server-PDP interactions. cUrl commands are used to show the interactions between generic enablers. Postman documentation is also available.
NGSI-v2 offers JSON based interoperability used in individual Smart Systems. To run this tutorial with NGSI-v2, use the NGSI-v2
branch.
git clone https://github.com/FIWARE/tutorials.XACML-Access-Rules.git
cd tutorials.XACML-Access-Rules
git checkout NGSI-v2
./services create
./services start
📚 Documentation | Postman Collection |
---|
MIT © 2018-2024 FIWARE Foundation e.V.