Slashdot Mirror

← Back to Stories (view on slashdot.org)

Sun Releases Open Source XACML Language

Posted by Hemos on from the building-the-tools dept.

LowneWulf writes "An InternetNews.com article mentions that the OASIS standards group today ratified the Extensible Access Control Markup Language 1.0 specification. But even better, Sun Microsystems Labs has backed this up with an open-source version in Java on Sourceforge."

12 of 157 comments (clear)

  1. How? by JanusFury · · Score: 5, Insightful

    How can a language be open source? A language doesn't need source; it's a syntax. Compilers need source, not languages. 'Open Source Language' sounds like more hype to me. I may be stupid, but I don't know of any truly open source implementations of the Java that this 'Open Source Language' is in (Last I checked, Sun had a pretty strict licensing scheme going for Java implementations)

    --
    using namespace slashdot;
    troll::post();
  2. None by M.C.+Hampster · · Score: 2, Insightful

    Not everything is about DRM. Move along.

    --
    Forget the whales - save the babies.
  3. I'd hardley say useless by Anonymous Coward · · Score: 5, Insightful
    there are real reasons why this new markup language is needed. It is intended for complex distributed processes that cross several application domains. the common example is a travel agent, who needs to book travel plans for a customer. The booking includes, flights, trains, cars, hotels and motels. Given the complexity of booking that many items in one single transaction across multiple booking systems, you need a common authentication mechanism. What would you prefer? Everyone write their own authen scheme, which may be secure, but will take a couple months to implement. Multiply by the number of companies the travel agent connects to book reservations.

    there are those who disagree, but those whose jobs require complexity, it is a step towards easier integration. Microsoft should just go with the architecture Oasis has laid out for ebXML and dump their piece of junk which originally had no concept of coreography.

  4. "Open source" reference implementation by yerricde · · Score: 5, Insightful

    How can a language be open source?

    I consider a language to be "open source" if it has a reference implementation available to the public as OSI Certified(TM) open source software.

    --
    Will I retire or break 10K?
  5. Re:What idiots by angel'o'sphere · · Score: 4, Insightful


    Does it ever occur to Sun that Java is not the answer to all problems? That maybe, just maybe, an implementation in C would be more generally useful as a reference implementation?

    I know more Java programmers than C programmers .... and all C programmers I know program Java now.

    All industry software projects I'm involved in are in ... ah forgett it you wont belive it anyway ...

    HINT: its not C and its not C++.

    angel'o'sphere

    --
    Cost free eBook I read (by iBook/Kobo/Amazon/ObookO/Gutenberg etc.): "The Green Odyssey" by Philip Jose Farmer.
  6. Re:What idiots by Anonymous Coward · · Score: 1, Insightful

    So you would rather Sun write all the necessary authentication and identity management support in C? I'm no C programmer, but doing network+authentication in C is not easy. Java isn't the answer to everything, but the source is available. If you're so eager for a C implementation, go download the source and port it. Bitching is easy. How about contributing?

  7. Interesting twist, the sourceforge bit by jaiger · · Score: 3, Insightful

    First, synchronize watches - how long before JBOSS integrates this?

    Now on to more serious commentary. This story is interesting in that Sun might actually be "getting it". Sure they've been saying "we get it" for some time but that crappy Sun license...that's just what we needed, YACL (Yet Another Community License).

    This project is actually on Sourceforge, and with a BSD-looking license no less!! I like what I'm seeing, Sun.

    -joe

  8. Re:What idiots by binaryDigit · · Score: 4, Insightful

    Does it ever occur to Sun that Java is not the answer to all problems

    Did it occur to you that Sun would write the code to match whatever use fits THEM the best. The fact that they then turn around and make the code OS is a gesture on their part. Did you think they sat around and said "hey, lets write an implementation of this for the masses"? Nope, their needs came first, as it should be.

  9. Unfortunately not everyone "gets it" by binaryDigit · · Score: 4, Insightful

    The requirement of having robust access control (beyond simple enter your name and password) is not very common outside the corp. world. So those who've not had to deal in that code would not fully understand how big of a deal that this markup language CAN be (assuming it's adopted, robust, etc, etc). This is definitely one of those areas where "everybody rolls their own", or worse, they dumb down their access control to fit things like directory services and the ilk, that were never intended to do what this is trying to.

    Funny how in many posts this has degenerated into either "we don't need no more stinkin languages" or "Sun/Java sucks, yadda, yadda".

    1. Re:Unfortunately not everyone "gets it" by afidel · · Score: 4, Insightful

      Oh this is SO true, for instance my last employer was GE, within GE there are probably at least 100 different authentication domains (this is being conservative, there are probably several hundred) in the last couple of years they have tried to unite a large % of these under an SSO policy, only problem is to even get your SSO information you might have to travel across 3-4 domains. For instance to get mine I had to get inside the firewall with a vpn client, acess a controlled page with a DES access card, then provide my NT credentials to get access to my webmail which lead me through a link to a peoplesoft application with it's own access controlls so that I could sign up for SSO. Providing a single set of credentials and having all of the services recognize me would have made life much easier. Of course a good counterpoint is that anyone who was able to spoof my credentials would then have acess to all of those resources, but this was generally true of the cumbersome system, as long as you had access to the email password you could retrieve/reset most of the others.

      --
      There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
  10. I dont get this by Timesprout · · Score: 1, Insightful

    What exactly is the need for this 'new' language. I get the impression that really this system just defines some interfaces and uses XML to allow various aspects of the implementation to communicate. Not exactly rocket science and certainly not worthy of a new language IMHO. What exactly does it do that XML and some well defined schemas cant?

    Its some what strange that given the recent 'commitment' from SUN to clean up the J2EE API's they want to foist this on us as I assume the enterprise is where it will see most usage.Is this sone sort of bastard child from the slightly less than successful Liberty project?

    --
    Do not try to read the dupe, thats impossible. Instead, only try to realize the truth
    What truth?
    There is no dupe
  11. Re:Every language is a niche language. by smccrory · · Score: 2, Insightful

    alext, you're completely missing the point. Java users have been able to do this for quite some time now. Take a look a JAAS - it is an excellent solution if all you do is Java. But the purpose of describing the access control policies in something language-independant like XML is that, we'll, you can implement it in other languages without having to rewrite both the rules and the access control mechanism. This is darn good stuff actually, and lots of readers here are completely missing it. You and many others are blaming Sun for developing something that can be used for more than just Java! Incredulous...