Authorization - 8.0

Talend ESB Infrastructure Services Configuration Guide

Talend Data Fabric
Talend Data Services Platform
Talend ESB
Talend MDM Platform
Talend Open Studio for ESB
Talend Real-Time Big Data Platform
Talend ESB
Talend Runtime
Design and Development
Installation and Upgrade

The Authorization policy enforces that only an authorized user can invoke the request. It is used in conjunction with the SAML policies as defined in Authentication via UsernameToken or SAMLToken. It asserts that a SAML Token must be present in the request, where the SAML token contains role attributes. The receiver validates the SAML token, and then uses the roles to create an XACML request to the PDP to authorize the user.

Talend ESB provides two template policies, depending on if you are also using Signature/Encryption. They are available here in the Talend ESB product:

  • /add-ons/registry/policies/wspolicy_authn_authz.policy (Authorization only)

  • /add-ons/registry/policies/wspolicy_authn_authz_crypto.policy (Authorization with Signature/Encryption)

<tpa:Authorization xmlns:tpa="" type="XACML" />

These custom policies are also applied by default to your Talend ESB Container via the following policy files:



So if you select the Authorization option for your Service in the Studio, when you deploy it on your container, this policy will be pick up automatically.