Define Attribute Release Policies

The Attribute Release Policy (ARP) states which end user attributes are released to which Service Providers. To enable the management of these policies you have to deploy the Mistral_user_admin package. With this application, these policies can be defined by each end user via web browser, that is, each end user choose the attributes she want release.

In this package you have to configure the LDAP and eXist-db parameters in the file WEB-INF/mistral_ARP_config.xml in a similar way you edited the mistral_config file.

Once deployed, end users can manage their Attribute Release Policies typing on a web browser http://your_attribute_provider_url:port/Mistral_user_admin. This Application ask the end user for authentication, so it need a valid user and password to log in. (To manage user and password see Administration Module).


Then, it is showed the ARP management screen, where end users can add service providers names, chosing the attributes to release for each one. This application makes a direct link with LDAP, so the attributes showed are the attributes the end user has defined in her LDAP.


Attribute Release Policies are internally defined in XACML, but this module abstracts the complexity of this standard.