I am new to XACML. I need to work on the XACML. So I read the section in the link below:
https://www.oasis-open.org/committees/download.php/2713/Brief_Introduction_to_XACML.html
However, I am confused about how to send the XACML request to the policy for the output after reading the article above.
Is there any software to load the policy file and take the request xml file as input to generate the output??
I googled it a bit and the close application I can find is called WSO2 Identity server... It took me quite a while to make it up and running on my machine but it requested me to login? I tried to use the same login details as I registered with WSO2, it does not work.. Also, identity server does not sound to have something to do with XACML??
Please advise if I am in the wrong path..
You're missing the architecture part. A PDP evaluates the policies. A PEP sends a request to a PDP.
If you write XACML policies, you give them to the PDP. You then create a request with the PEP which you send to the PDP via SOAP / REST / JSON (you choose).
Have a look at the ABAC architecture on Wikipedia: https://en.wikipedia.org/wiki/Attribute-based_access_control
Balana is an open source PDP developed by WSO2. Also look into AuthzForce, ATT XACML, and Axiomatics.