Commit c40c8b23 authored by Cyril Dangerville's avatar Cyril Dangerville Committed by GitHub

added security features for json profile support

parent f831255d
......@@ -15,7 +15,9 @@ AuthzForce Core may be used in the following ways:
* [XACML v3.0 - Core standard](
* [XACML v3.0 - Core and Hierarchical Role Based Access Control (RBAC) Profile Version 1.0](
* [XACML v3.0 - Multiple Decision Profile Version 1.0 - Repeated attribute categories]( (`urn:oasis:names:tc:xacml:3.0:profile:multiple:repeated-attribute-categories`).
* [XACML v3.0 - JSON Profile Version 1.0](
* [XACML v3.0 - JSON Profile Version 1.0](, with extra security features:
* JSON schema [Draft v6]( validation;
* DoS mitigation: JSON parser variant checking max JSON string size, max number of JSON keys/array items and max JSON object depth.
* Experimental support for:
* [XACML v3.0 - Data Loss Prevention / Network Access Control (DLP/NAC) Profile Version 1.0]( only `dnsName-value` datatype and `dnsName-value-equal` function are supported;
* [XACML v3.0 - Additional Combining Algorithms Profile Version 1.0]( `on-permit-apply-second` policy combining algorithm;
Markdown is supported
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment