Google Code Project Provides Enterprise Java XACML

The 'enterprise-java-xacml' Google Code Project provides a high performance XACML 2.0 implementation that can used in the enterprise environment. A first release has been announced; the software is made available under the Apache License 2.0. Enterprise Java XACML intends to fully implement OASIS XACML 2.0 and will support XACML 3.0 in the future. It is a totally independent implementation. It fully implements XACML 2.0 core standard and has passed all conformance tests. It provides PDP that can accept XACML requests and returns XACML responses.

The software is said to offer a highly effective target indexing mechanism that greatly speeds up policy searching and completely cached decisions that can speed up the evaluation. It supports a plugable data store mechanism: users can implement their own data store by implementing only a few interfaces; a file data store implementation is provided.

It features a plugable context factory: users can implement their own context factory that wrap request/response in a specific format, and a default implementation is supplied. A plugable logger mechanism means users can implement their own logger mechanism: "I've provided 2 types of logger, one is log4j, the other is a default logger; if log4j conflicts with user's system, they may want to use this default one."

The tool supports an extensible XACML function registering mechanism; users can write their own functions and register them to PDP and then use in policies. The extensible attribute retriever mechanism means that users can write their own attribute retriever to retrieve attributes from external systems. It provides simple PAP APIs that can be used to produce XACML policy files; users who want write an XACML policy administrative UI can also rely on these APIs. Both XACML APIs and an application framework are supported, which means users can incorporate this implementation by calling XACML APIs from their own applications. The implementation also provides a standalone application framework that users can start and directly send XACML request to it for evaluation. The software is distributed with unit tests and conformance tests against XACML 2.0.

Read the complete announcement. Focus Areas: BPEL | DITA | ebXML | IDtrust | OpenDocument | SAML | UBL | UDDI
OASIS sites: OASIS | Cover Pages | | AMQP | CGM Open | eGov | Emergency | IDtrust | LegalXML | Open CSA | OSLC | WS-I