Skip to main content

TESB Authorization XACML PolicyDecisionPoint

Talend ESB ships with a PDP implementation to provide authorization decisions for a TESB endpoint. The TESB PDP is an extension of the HERAS-AF SimplePDP.

There are two ways to access the Talend ESB PDP.

  • JAX-RS. The PDP is exposed as a JAX-RS service that allows a JAX-RS client the ability to see whether a given request is authorized or not. The user must POST a XACML Request to /pdp/authorize. The next chapter describes how to configure a Policy Enforcement Point (PEP), which takes care of invoking on the PDP and enforcing the authorization decision.
  • Co-located. The PDP can be retrieved as a service from the OSGi registry in the container. This allows the PEP to make an authorization request without the overhead of a remote call. See the next chapter for more details.

In this section

Did this page help you?

If you find any issues with this page or its content – a typo, a missing step, or a technical error – let us know how we can improve!

Leave your feedback here