Policy Definition Portlet
The Policy Definition Portlet allows to define, modify and remove authorization policies for services and roles. It communicates with the Policy Administration Points of our Policy Managers.
Services and Policies Lists
The first screen of the Portlet is a list of the services whose policies the logged user is able to define or manage.
To show the list of the policy related to a service, the user should select the service and click on the Show Policies button, on the bottom-right side of the screen:
The Policies List is shown by a popup window:
The Policies List Popup provides three functionalities:
- Create Policy
- Modify Policy
- Remove Policy
Create new Policy
If the user clicks on Create Policy button, the creation policy popup is shown:
the popup contains two combos:
- by the Policy Type combo it is possible to choose between Role based Policies or Service based Policies
- the second combo label depends on the first combo choice: for Role based Policies a list of roles is shown, otherwise a list of services
There is also an optional field called Operation that provides the possibility to limit the defined policy to a particular operation: if it is left blank the policy will be applied to all the possible operations. If the permit check box is checked the policy will be a permit policy, otherwise a deny policy.
After the policy has been defined the user should click on Create to upload it to the PAP. The Portlet will show a confirmation popup and, if the operation is confirmed, the final result:
To modify a Policy the user should select it from the Policies List and click on Modify Policy button. The only modification allowed on a Policy is to switch from permit to deny and vice versa. The Policy Modification Popup is similar to the Policy Creation Popup, but the only modifiable field is the permit check box:
If the user clicks on Update button a confirmation popup is shown and, if the operation is confirmed, the result is shown in another popup.
To remove a Policy the user should select the policy and click on Remove Policy button. The operation should be confirmed and, after the completion, a popup with the result is shown: