292 questions
Best practices
5
votes
2
replies
188
views
How did you implement Attribute-based Access Control (ABAC) in Spring Boot?
I’ve been working on an issue in our Spring Boot application for some time now: authorization. Because we have a more complex permission model — permissions depend not only on roles, but also on user-...
0
votes
0
answers
262
views
How to Properly Implement ABAC (Attribute-Based Access Control) Authorization?
In my Next.js application, I have these roles:
manager
technician
front-desk
external-user
My Pages/Routes are:
/dashboard
/users
/orders
/orders/:id
/orders/:id/edit
/orders/new
Now, correct ...
0
votes
1
answer
45
views
How do I get the number of attributes matched and total attributes checked from an XACML policy in ABAC?
I am a beginner in XACML and ABAC. I wrote a policy in XACML, which I deployed in the AuthzForce local server, and it works as expected with my test request in Postman. However, now I want to modify ...
0
votes
1
answer
164
views
Conditional Column-level permissions in PostgreSQL
Let’s create a user and table with some data:
CREATE ROLE admin;
CREATE TABLE employee (empno int, ename text, address text, salary int, account_number text);
INSERT INTO employee VALUES
(1, 'john' ...
2
votes
0
answers
82
views
Translating a Rego policy to AWS Cedar
I have the following dummy Rego policy
is_permitted if {
owner := dataowner.resources[input.resource][input.resource_id].owner
permitted_members := data.owners[owner].permissions[input....
0
votes
2
answers
410
views
Implementing ABAC in AWS where user may be in multiple teams
We currently use ABAC in AWS to allow our developers to manage resources which are tagged as owned by their team. This is done through a policy with a condition as below:
"Condition" : {
&...
0
votes
0
answers
300
views
Keycloak JavaScript policy not visible after deploying as JAR as per Keycloak documentation
Keycloak JavaScript policy not visible after deploying as JAR as per Keycloak documentation.
Steps:
Created a folder with META-INF folder and policy.js as below
created ...
2
votes
0
answers
603
views
Multiple casbin policy RBAC and ABAC in model can not work at the same time
I am trying to use the example of multiple casbin policy RBAC and ABAC.
Here are example model and policy from official.
multiple_policy_definitions_model.conf
[request_definition]
r = sub, obj, act
...
0
votes
1
answer
293
views
A dynamic membership error in Azure groups
I am new to Azure AD and trying to learn dynamic membership groups for ABAC. However, when I click on groups, it shows the error below, so I can't create a dynamic membership group. Any solution please? ...
1
vote
1
answer
131
views
XACML policy that needs to evaluate based on different PIPs
I'm new to XACML and I am trying to understand how in practice the PDP can evaluate a policy that depends on several PIPs. Let's take an example:
Imagine a context where Josh can take up the role of ...
0
votes
0
answers
757
views
How to implement hybrid between RBAC and ABAC in Spring Boot?
So I'm currently using the WebSecurityConfig proposed in ch4mpy's repository - or just the package spring-addons-webmvc-jwt-resource-server.
A controller therefore can be annotated via a classical ...
0
votes
0
answers
1k
views
Implement ABAC in Snowflake
I am working on a new Snowflake project where I will have to implement ABAC (Attribute Based Access Control). Although all the Rules are yet to be finalized, I am wondering if we have any documents ...
0
votes
1
answer
2k
views
Apply role to resources based on tags
I have a use case like this: the dev team creates resource groups and resources in them, using Azure DevOps pipelines.
One of the pipeline's steps is to assign a role to a newly created Key Vault with a ...
2
votes
1
answer
600
views
ABAC - How to deal with access permissions for elements of collections using GET?
It is straightforward to check if a user has permission for a GET request on a collection (e.g. /orders), but how does ABAC deal with items of collections? The user may have permission for some items ...
1
vote
0
answers
64
views
ABAC - How is the PIP authenticated and authorized?
What authentication method is commonly used for the PIP (e.g. certificate, login and password)?
Is the access of the PIP also authorized by the ABAC? I would assume that in most cases the PIP ...