Skip to main content

Authorization with Talend ESB

This chapter describes the Talend ESB authorization solution. This product is available with Talend ESB.

Talend ESB Authorization uses the XACML standard to specify access control. Talend ESB Authorization components are based on this standard and use the HERAS_AF core as the basis of its implementation. As of this version of Talend ESB, the Talend ESB Authorization components support the following:

  • PEP (Policy Enforcement Point): A CXF interceptor which intercepts access requests to a resource and enforces the authorization decision of the PDP. This will be described in the next chapter.
  • PDP (Policy Decision Point): Requests the needed XACML policies from a policy repository and evaluates the request.
  • Policy Repository/Registry: Stores XACML policies. The Talend XACML Registry is based on JCR (Apache Jackrabbit) and is accessed via one front end, a ATOM-based rest interface. It supports deployment, retrieval, and deletion of XACML policies.
  • PAP (Policy Administration Point): A user interface for the administration of policies, described in the Talend Administration Center User Guide.
  • PIP (Policy Information Point): Supply external policy context and attributes: subject credentials and attributes verification.

Did this page help you?

If you find any issues with this page or its content – a typo, a missing step, or a technical error – let us know how we can improve!