https://github.com/scsibug/a2x
ALFA to XACML compiler (sourcehut mirror)
https://github.com/scsibug/a2x
alfa authorization xacml
Last synced: 20 days ago
JSON representation
ALFA to XACML compiler (sourcehut mirror)
- Host: GitHub
- URL: https://github.com/scsibug/a2x
- Owner: scsibug
- License: gpl-3.0
- Created: 2025-10-28T11:33:27.000Z (8 months ago)
- Default Branch: master
- Last Pushed: 2025-11-21T16:32:21.000Z (7 months ago)
- Last Synced: 2025-12-26T00:53:47.210Z (6 months ago)
- Topics: alfa, authorization, xacml
- Language: Rust
- Homepage: https://git.sr.ht/~gheartsfield/a2x
- Size: 447 KB
- Stars: 0
- Watchers: 0
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- License: COPYING
Awesome Lists containing this project
README
ALFA to XACML (a2x)
-------------------
[](https://builds.sr.ht/~gheartsfield/a2x/commits/master?)
a2x converts policies written in the ALFA language to XACML 3.0 XML
policies.
Licensed under the [GNU General Public License v3.0 or
later](https://spdx.org/licenses/GPL-3.0-or-later.html).
### CHANGELOG
Please see the [CHANGELOG](CHANGELOG.md) for release history.
### Usage
Convert any files in the `src` directory ending in `.alfa` to XACML,
saving to the `xacml` directory.
```
$ a2x --input src --output xacml
```
The `--input` option can be repeated for as many files or directories
as desired.
Most entities from the XACML spec are predefined and available through
an implicitly imported namespace. To see a listing, run:
```
$ a2x --show-builtins
```
If you prefer to not have these implicitly imported, they can be
disabled with the ```--disable-builtins``` flag.
The default prefix for `PolicySetId`, `PolicyId`, and `RuleId` can be
customized with the ```--namespace``` option.
### Sample Policy
A [sample policy](samples/retail/README.md) is included in this
repository, which may be helpful as a reference for ALFA language
features, and a known working example for running `a2x`.
Convert the sample to XACML:
```
$ a2x -i samples -o xacml-gen
ALFA to XACML Converter v0.1.2
==============================
Input: samples
Output: xacml-gen
Scanning input directory...
Found 5 ALFA policy files
Parsing ALFA policies:
✓ samples/retail/attr.alfa
✓ samples/retail/oblig.alfa
✓ samples/retail/common.alfa
✓ samples/retail/main.alfa
⊘ samples/retail/empty.alfa (empty)
Writing XACML policies:
✓ xacml-gen/main.retail.xml
✓ xacml-gen/common.deny.xml
✓ xacml-gen/main.customerBusinessHours.xml
✓ xacml-gen/main.customerAddToCart.xml
✓ xacml-gen/main.clerkAddToCart.xml
✓ xacml-gen/main.voidTransaction.xml
Summary:
--------
ALFA files processed : 5
XACML files generated : 6
Policy Sets written : 3
Policies written : 7
Rules written : 9
Total time: 4.1ms
✓ Conversion completed successfully
```
### Building
a2x is written in Rust, so you will need to [install
Rust](https://www.rust-lang.org/) to compile it. Rust version 1.85.0
(stable) or newer is supported.
To build a2x:
```
$ git clone https://git.sr.ht/~gheartsfield/a2x
$ cd a2x
$ cargo build --release --locked
$ ./target/release/a2x --version
a2x 0.1.0
```
### Running tests
a2x has unit tests and full end-to-end tests that ensure ALFA policies
are converted to exact matches of manually verified XACML policies.
To run all these tests, use:
```
$ cargo test
```
### References
* [XACML
3.0](https://docs.oasis-open.org/xacml/3.0/xacml-3.0-core-spec-os-en.html) -
the OASIS specification for eXtensible Access Control Markup
Language.
* [ALFA 1.0](https://groups.oasis-open.org/higherlogic/ws/public/download/55228/alfa-for-xacml-v1.0-wd01.doc) - the OASIS draft specification for ALFA (Word format)
* [ALFA Guide](https://alfa.guide/) - many resources for learning and using ALFA
* [ALFA 2.0](https://www.ietf.org/archive/id/draft-brossard-alfa-authz-00.html) - future evolution of the ALFA language