Please note, that this page ist work in progress...
pam_xacml provides XACML support for many
pam_xacml also introduces a simplified XACML pam conversation function, for application developers that want to support XACML directly without committing to a specific XACML framework.
Our code was written with extensibility for other XACML Policy Decision Points in mind. Please refer to Information for Developers and contact us if you want to add support for other XACML PDPs. The current code is NOT intended for production use. It is intended for evaluating the use of XACML policies in different scenarios with out-of-the-box unix applications.
pam_xacml is distributed under the LGPL license. Some third party contributions of the distribution underly different licenses.
The eXtensible Access Control Markup Language (XACML) allows for generic access control policies in XML format. Authorization policies today are formulated for individual services. This makes it difficult to state the access rights for individual users. XACML allows for unified authorization policies: Use one consistent XACML policy for multiple services! The problem of XACML is, that only few applications support authorization with XACML.