Wso2 Identity Server是否通过JSON支持MDP?
我有一个XML XACML请求,其中包含多个决策概要文件(MDP)元素——同一类型的多个类别,以及可选的MultipleRequest元素。 此请求在Wso2 IS 5.3.0中正常工作 但是,如果我尝试以JSON形式重写此请求,对应于XACML JSON概要文件,WSO2将无法按预期处理它:Wso2 Identity Server是否通过JSON支持MDP?,json,authorization,wso2is,xacml,abac,Json,Authorization,Wso2is,Xacml,Abac,我有一个XML XACML请求,其中包含多个决策概要文件(MDP)元素——同一类型的多个类别,以及可选的MultipleRequest元素。 此请求在Wso2 IS 5.3.0中正常工作 但是,如果我尝试以JSON形式重写此请求,对应于XACML JSON概要文件,WSO2将无法按预期处理它: 若我使用多请求对象,服务器返回错误(40020)“请求解析异常” 若我只是将几个类别对象枚举为数组,而并没有显式的MultiRequest,那个么服务器在这些类别中找不到任何属性值 使用wso2is
- 若我使用多请求对象,服务器返回错误(40020)“请求解析异常”
- 若我只是将几个类别对象枚举为数组,而并没有显式的MultiRequest,那个么服务器在这些类别中找不到任何属性值
根据你的测试,简短的回答是不,不是 我针对测试了您的XACML请求,效果很好。以下是JSON格式的响应:
{
"Response":[
{
"Decision":"NotApplicable",
"Status":{
"StatusCode":{
"Value":"urn:oasis:names:tc:xacml:1.0:status:ok",
"StatusCode":{
"Value":"urn:oasis:names:tc:xacml:1.0:status:ok"
}
}
},
"PolicyIdentifierList":{
}
},
{
"Decision":"NotApplicable",
"Status":{
"StatusCode":{
"Value":"urn:oasis:names:tc:xacml:1.0:status:ok",
"StatusCode":{
"Value":"urn:oasis:names:tc:xacml:1.0:status:ok"
}
}
},
"PolicyIdentifierList":{
}
}
]
}
{
"Request": {
"CombinedDecision": false,
"ReturnPolicyIdList": true,
"Category": [
{
"Id": "res-01",
"CategoryId": "urn:oasis:names:tc:xacml:3.0:attribute-category:resource",
"Attribute": [
{
"AttributeId": "urn:mytest:testapp:xacml:resource:property-chain:Lesson.Id",
"Value": "lesson_834570716063946"
},
{
"AttributeId": "urn:mytest:testapp:xacml:resource:property-chain:Lesson.Uot.ResponsiblePersonId",
"Value": "person_456454345234353"
}
]
},
{
"Id": "res-02",
"CategoryId": "urn:oasis:names:tc:xacml:3.0:attribute-category:resource",
"Attribute": [
{
"AttributeId": "urn:mytest:testapp:xacml:resource:property-chain:Lesson.Id",
"Value": "lesson_8345707160639460"
},
{
"AttributeId": "urn:mytest:testapp:xacml:resource:property-chain:Lesson.Uot.ResponsiblePersonId",
"Value": "person_4564543452343530"
}
]
}
],
"AccessSubject": {
"Id": "subj",
"Attribute": [
{
"AttributeId": "urn:oasis:names:tc:xacml:1.0:subject:subject-id",
"Value": "uid_1234567"
},
{
"AttributeId": "urn:mytest:testapp:xacml:subject:person-id",
"Value": "person_456454345234353"
},
{
"AttributeId": "urn:mytest:testapp:xacml:subject:permissions:LessonOperationsOnMyOwnUots-enabled",
"DataType": "boolean",
"Value": true
}
]
},
"Action": {
"Id": "act-01",
"Attribute": [
{
"AttributeId": "urn:oasis:names:tc:xacml:1.0:action:action-id",
"Value": "Courses.CreateLesson"
}
]
},
"MultiRequests": {
"RequestReference": [
{
"ReferenceId": ["res-01","act-01","subj"]
},
{
"ReferenceId": ["res-02","act-01","subj"]
}
]
}
}
}
{
"Response":[
{
"Decision":"NotApplicable",
"Status":{
"StatusCode":{
"Value":"urn:oasis:names:tc:xacml:1.0:status:ok",
"StatusCode":{
"Value":"urn:oasis:names:tc:xacml:1.0:status:ok"
}
}
},
"PolicyIdentifierList":{
}
},
{
"Decision":"NotApplicable",
"Status":{
"StatusCode":{
"Value":"urn:oasis:names:tc:xacml:1.0:status:ok",
"StatusCode":{
"Value":"urn:oasis:names:tc:xacml:1.0:status:ok"
}
}
},
"PolicyIdentifierList":{
}
}
]
}