https://github.com/fiware/tutorials.xacml-access-rules

:closed_book: FIWARE 405: Ruleset Based Permissions
https://github.com/fiware/tutorials.xacml-access-rules

access-control authzforce fiware pdp security tutorial xacml xacml-policies

Last synced: 5 days ago
JSON representation

:closed_book: FIWARE 405: Ruleset Based Permissions

• Host: GitHub
• URL: https://github.com/fiware/tutorials.xacml-access-rules
• Owner: FIWARE
• License: mit
• Created: 2018-12-18T14:34:40.000Z (over 6 years ago)
• Default Branch: master
• Last Pushed: 2025-02-17T13:58:02.000Z (3 months ago)
• Last Synced: 2025-03-30T18:51:11.466Z (about 1 month ago)
• Topics: access-control, authzforce, fiware, pdp, security, tutorial, xacml, xacml-policies
• Language: Shell
• Homepage: https://authzforce-ce-fiware.rtfd.io/
• Size: 464 KB
• Stars: 4
• Watchers: 9
• Forks: 6
• Open Issues: 4
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

        
[![FIWARE Banner](https://fiware.github.io/tutorials.XACML-Access-Rules/img/fiware.png)](https://www.fiware.org/developers)

[![FIWARE Security](https://nexus.lab.fiware.org/repository/raw/public/badges/chapters/security.svg)](https://github.com/FIWARE/catalogue/blob/master/security/README.md)

[![License: MIT](https://img.shields.io/github/license/fiware/tutorials.XACML-Access-Rules.svg)](https://opensource.org/licenses/MIT)

[![Support badge](https://img.shields.io/badge/tag-fiware-orange.svg?logo=stackoverflow)](https://stackoverflow.com/questions/tagged/fiware)

[![XACML 3.0](https://img.shields.io/badge/XACML-3.0-ff7059.svg)](https://docs.oasis-open.org/xacml/3.0/xacml-3.0-core-spec-os-en.html)

This tutorial introduces an additional security generic enabler - **Authzforce** and adds fine grained control to the

security rules generated by **Keyrock**. Access to the entities created in the

[previous tutorial](https://github.com/FIWARE/tutorials.PEP-Proxy) is now configured and controlled using an XACML

access control policy - this creates a flexible ruleset which can be uploaded and reinterpreted on the fly so complex

business rules can be created and changed according to current circumstances.

The tutorial discusses code showing how to integrate **Authzforce** within a web application and demonstrates examples

of **Authzforce** XACML Server-PDP interactions. [cUrl](https://ec.haxx.se/) commands are used to show the interactions

between generic enablers. [Postman documentation](https://www.postman.com/downloads/) is also available.

# Start-Up

## NGSI-v2 Smart Supermarket

**NGSI-v2** offers JSON based interoperability used in individual Smart Systems. To run this tutorial with **NGSI-v2**, use the `NGSI-v2` branch.

```console

git clone https://github.com/FIWARE/tutorials.XACML-Access-Rules.git

cd tutorials.XACML-Access-Rules

git checkout NGSI-v2

./services create

./services start

```

| [![NGSI v2](https://img.shields.io/badge/NGSI-v2-5dc0cf.svg)](https://fiware-ges.github.io/orion/api/v2/stable/) | :books: [Documentation](https://github.com/FIWARE/tutorials.XACML-Access-Rules/tree/NGSI-v2) |  [Postman Collection](https://fiware.github.io/tutorials.XACML-Access-Rules/) |  ![](https://img.shields.io/github/last-commit/fiware/tutorials.XACML-Access-Rules/NGSI-v2)

| --- | --- | --- | ---

---

## License

[MIT](LICENSE) © 2018-2024 FIWARE Foundation e.V.