Skip to main content

Example Web PEP

Web Policy Enforcement Point

Use case example

We want to define a policy to restrict access to the Soffid console user's page (MainMenu > Administration > Resources > Users).

The users who are assigned to the SOFFID_RRHH role (from this point forward: end-users) will have limitations to perform some actions on the Soffid console users page:


The end-users only be able to query the information about the users who belong to the same primary group that them.
The end-users only be able to update the users with internal user type.
The end-users could not delete any user record.

XACML Editor

Policy set

&&TODO&& Definir y revisar

image-1627985848659.png

Policy

 

image-1627985535274.png

Rules

Deny accessto a user to a specific resource

image-1627985433678.png

Permit access to a specific user

image-1627985812268.png

Permit access to other users

image-1627981220287.png

Download XML

You can download a XML file with the example:&&TODO&&

Configure PEP

image-1628230671130.png