search

bolilla / yaal

YAAL (Yet Another Authorization Language) is an authorization language simpler
Apache License 2.0
4 stars 2 forks source link

a beginner's question #1

Open renyp-veteran opened 3 days ago

renyp-veteran commented 3 days ago

Hi, YAAL is amazing for me, because i was looking for a language for practicing ABAC. XCAML is too difficult, as well as you said, it is not friendly to both technical and non-technical guys. I was wondering why it seems that maintenance has been discontinued? Did it perfected? I am a beginner

and other question, i pulled the project to run locally, however i found yaal.yaalParser.PolicyContext is missing, did i do something wrong?

Snipaste_2024-10-16_11-52-25 Snipaste_2024-10-16_11-53-34
bolilla commented 3 days ago

The project begun as a way for me to define a Domain Specific Language and get a better understanding of its challenges.

Nowadays, if you want a nice language to get into ABAC, I'd suggest you ALFA, which is easier than XACML, but equally powerful, or go to Open Policy Agent, which uses the Rego language; a different approach to the problem of Policy definition in an easy to write and easy to test way.

El mié, 16 oct 2024, 5:18, veteran @.***> escribió:

Hi, YAAL is amazing for me, because i was looking for an language for practicing ABAC. XCAML is too difficult, as well as you said, it is not friendly to both technical and non-technical guys. I was wondering why it seems that maintenance has been discontinued? Did it perfected? I am a beginner

— Reply to this email directly, view it on GitHub https://github.com/bolilla/yaal/issues/1, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABPZYGV4SGHMD6LCFGJ7AZLZ3XLIHAVCNFSM6AAAAABQAO4XJ6VHI2DSMVQWIX3LMV43ASLTON2WKOZSGU4TANBXG43DQOI . You are receiving this because you are subscribed to this thread.Message ID: @.***>

renyp-veteran commented 1 day ago

The project begun as a way for me to define a Domain Specific Language and get a better understanding of its challenges. Nowadays, if you want a nice language to get into ABAC, I'd suggest you ALFA, which is easier than XACML, but equally powerful, or go to Open Policy Agent, which uses the Rego language; a different approach to the problem of Policy definition in an easy to write and easy to test way. El mié, 16 oct 2024, 5:18, veteran @.> escribió: Hi, YAAL is amazing for me, because i was looking for an language for practicing ABAC. XCAML is too difficult, as well as you said, it is not friendly to both technical and non-technical guys. I was wondering why it seems that maintenance has been discontinued? Did it perfected? I am a beginner — Reply to this email directly, view it on GitHub <#1>, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABPZYGV4SGHMD6LCFGJ7AZLZ3XLIHAVCNFSM6AAAAABQAO4XJ6VHI2DSMVQWIX3LMV43ASLTON2WKOZSGU4TANBXG43DQOI . You are receiving this because you are subscribed to this thread.Message ID: @.>

yet,thands for your suggestion, i will learn ALFA or Rego language. Excuse me,have you used these two languages to implement the ABAC model of the permission system. Do you have any suggestions?

bolilla commented 1 day ago

I have used XACML directly, but I have not used ALFA. As ALFA compiles into XACML, it should be easy. You can learn more about ALFA https://alfa.guide/alfa-authorization-playground/ here (and in the Wikipedia https://en.wikipedia.org/wiki/Abbreviated_Language_for_Authorization).

To use ALFA (its compilation into XACML) you can use any XACML-supporting system. I have used WSO2 IS and it was a fine option.

Regarding Rego, I have used Rego and I feel it is easier entry point into ABAC than XACML. To use Rego, you will use Open Policy Agent (OPA) https://www.openpolicyagent.org/.

If your context is a "modern" cloud-native application, you should probably go for OPA. If you are thinking about a centralized decision-making component, any of them could be ok for you.

On Thu, 17 Oct 2024 at 09:25, veteran @.***> wrote:

The project begun as a way for me to define a Domain Specific Language and get a better understanding of its challenges. Nowadays, if you want a nice language to get into ABAC, I'd suggest you ALFA, which is easier than XACML, but equally powerful, or go to Open Policy Agent, which uses the Rego language; a different approach to the problem of Policy definition in an easy to write and easy to test way. El mié, 16 oct 2024, 5:18, veteran @.

> escribió: … <#m-274695025254852314> Hi, YAAL is amazing for me, because i was looking for an language for practicing ABAC. XCAML is too difficult, as well as you said, it is not friendly to both technical and non-technical guys. I was wondering why it seems that maintenance has been discontinued? Did it perfected? I am a beginner — Reply to this email directly, view it on GitHub <#1 https://github.com/bolilla/yaal/issues/1>, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABPZYGV4SGHMD6LCFGJ7AZLZ3XLIHAVCNFSM6AAAAABQAO4XJ6VHI2DSMVQWIX3LMV43ASLTON2WKOZSGU4TANBXG43DQOI https://github.com/notifications/unsubscribe-auth/ABPZYGV4SGHMD6LCFGJ7AZLZ3XLIHAVCNFSM6AAAAABQAO4XJ6VHI2DSMVQWIX3LMV43ASLTON2WKOZSGU4TANBXG43DQOI . You are receiving this because you are subscribed to this thread.Message ID: @.>

yet,thands for your suggestion, i will learn ALFA or Rego language. Excuse me,have you used these two languages to implement the ABAC model of the permission system. Do you have any suggestions?

— Reply to this email directly, view it on GitHub https://github.com/bolilla/yaal/issues/1#issuecomment-2418767072, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABPZYGWAKUECQITE2CAQ233Z35Q5ZAVCNFSM6AAAAABQAO4XJ6VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDIMJYG43DOMBXGI . You are receiving this because you commented.Message ID: @.***>