Authorization

The DirX Access Manager authorization configuration allows you to configure abstractions used in the authorization subsystem, specifically:

  • Basic vocabulary to be used when creating or editing XACML policies (outside the RBAC domain).

  • Templates for the contents of XACML authorization decision requests or the mapping between access requests and authorization decision requests (for Web Services PEPs; note that Web PEPs do not currently support this level of configuration).

  • Templates for the interpretation of subject-specific XACML policy attributes relative to authenticated subject information.