[prev in list] [next in list] [prev in thread] [next in thread]
List: wsas-java-user
Subject: Re: [User] Identity Server
From: Asela Pathberiya <aselapathberiya () gmail ! com>
Date: 2012-05-15 16:50:10
Message-ID: CAKfK-yqpOojDfif2+3RVRJ3AL+97MqQOBp0Ag1suzud9kayAGA () mail ! gmail ! com
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
On Tue, May 15, 2012 at 9:23 PM, Arleis Prieto River=F3n <
aprieto@estudiantes.uci.cu> wrote:
> Hi all.
> My question is if the Identity Server can know the IP address of which
> comes a authorization request without need specify the IP address in the
> XACML request.
>
If the IP address (or any attribute) is not specify in the XACML request,
you need to feed it to the XACML engine (PDP) by using a PIP (policy
information point) . As an example there can be attribute source that
contains list of IP addresses with respect to the user id. If XACML
request contains the user id, PIP can be used to find the IP address
corresponding to the user id and feeds it to PDP. You can find more info
about PIP from here [1]
[1] http://xacmlinfo.com/2011/12/18/understanding-pip/
Thanks,
Asela.
> Thanks in advance
>
> 10mo. ANIVERSARIO DE LA CREACION DE LA UNIVERSIDAD DE LAS CIENCIAS
> INFORMATICAS...
> CONECTADOS AL FUTURO, CONECTADOS A LA REVOLUCION
>
> http://www.uci.cu
> http://www.facebook.com/universidad.uci
> http://www.flickr.com/photos/universidad_uci
> _______________________________________________
> User mailing list
> User@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/user
>
[Attachment #5 (text/html)]
<br><br><div class="gmail_quote">On Tue, May 15, 2012 at 9:23 PM, Arleis Prieto \
Riverón <span dir="ltr"><<a href="mailto:aprieto@estudiantes.uci.cu" \
target="_blank">aprieto@estudiantes.uci.cu</a>></span> wrote:<br><blockquote \
class="gmail_quote" style="margin:0pt 0pt 0pt 0.8ex;border-left:1px solid \
rgb(204,204,204);padding-left:1ex"> Hi all.<br>
My question is if the Identity Server can know the IP address of which comes a \
authorization request without need specify the IP address in the XACML \
request.<br></blockquote><div><br>If the IP address (or any attribute) is not specify \
in the XACML request, you need to feed it to the XACML engine (PDP) by using a PIP \
(policy information point) . As an example there can be attribute source that \
contains list of IP addresses with respect to the user id. If XACML request contains \
the user id, PIP can be used to find the IP address corresponding to the user id and \
feeds it to PDP. You can find more info about PIP from here [1] <br> <br>[1] <a \
href="http://xacmlinfo.com/2011/12/18/understanding-pip/">http://xacmlinfo.com/2011/12/18/understanding-pip/</a><br><br>Thanks,<br>Asela. \
<br> </div><blockquote class="gmail_quote" style="margin:0pt 0pt 0pt \
0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
Thanks in advance<br>
<br>
10mo. ANIVERSARIO DE LA CREACION DE LA UNIVERSIDAD DE LAS CIENCIAS \
INFORMATICAS...<br> CONECTADOS AL FUTURO, CONECTADOS A LA REVOLUCION<br>
<br>
<a href="http://www.uci.cu" target="_blank">http://www.uci.cu</a><br>
<a href="http://www.facebook.com/universidad.uci" \
target="_blank">http://www.facebook.com/universidad.uci</a><br> <a \
href="http://www.flickr.com/photos/universidad_uci" \
target="_blank">http://www.flickr.com/photos/universidad_uci</a><br> \
_______________________________________________<br> User mailing list<br>
<a href="mailto:User@wso2.org">User@wso2.org</a><br>
<a href="http://wso2.org/cgi-bin/mailman/listinfo/user" \
target="_blank">http://wso2.org/cgi-bin/mailman/listinfo/user</a><br> \
</blockquote></div><br>
_______________________________________________
User mailing list
User@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/user
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic