ApplicationId JSON example

The ApplicationId attribute must only contain the server part of the full policy key. The resourceUri is then retrieved from the Request.Resource resource-id attribute and concatenated on the ApplicationId.

For an application resource with an Application ID /myapp and two resources, /myresource1 and /myresource2, two policy keys would be generated, /myapp/myresource1 and /myapp/myresource2.

This allows two separate policies to be evaluated within the one JSON request.

The corresponding XACML JSON would be:

If the policy attached to /myapp/myresouce1 results in a Permit decision and the policy attached to /myapp/myresouce2 results in a Deny decision, the XACML JSON response would be:


Parent topic: Invoking the RTSS XACML engine