OPA for HTTP Authorization

Open Policy Agent[1] is a promising, light weight and very generic policy engine to govern authorization is any type of domain. I found this comparion[2] very attractive in evaluating OPA for a project I am currently working on, where they demonstrate how OPA can cater same functionality defined in RBAC, RBAC with Seperation of Duty, ABAC and XACML.  
Here are the steps to a brief demonstration of OPA used for HTTP API authorization based on the sample [3], taking it another level up.
Running OPA Server First we need to download OPA from [4], based on the operating system we are running on.  For linux, curl -L -o opa https://github.com/open-policy-agent/opa/releases/download/v0.10.3/opa_linux_amd64 Make it executable, chmod 755 ./opa Once done, we can start OPA policy engine as a server.
./opa run --server Define Data and Rules Next we need to load data and authorization rules to the server, so it can make decisions. OPA defines these in files in the format of .rego. Below is a sample …

MIT - AITI experience

How I got the chance to join
I got the chance to join the MIT-AITI (which was Massachusetts Institute of Technology, African Internet Technology Initiative and now goes as Asian ) program while I was completing my internship period of 24 weeks. Thank to WSO2, where I was having my internship I could get a release to join the program for 6 weeks and I am writing this just after the 2 week of the AITI program. As I feel that I have used that time effectively, hope to keep a note on what I got. Today was a more challenging and interesting day and it will be worth to have a note on what I have done in the course so far. An overview on the course can be found in the given link.

Very first day
At the very first day we were emphasized on the purpose of the course is not just to teach us mobile technologies, but also to make people use them as real applications. In brief we were at the beginning of becoming entrepreneurs initializing a company based on mobile applications. Honestly I felt whether this can be done, but really had faith that should give my maximum strength for the try. Very first day we were given a bag full of chocolates and toffees and asked to sell them somehow as groups. The group which will make most revenue was to win. This was cool and really was a new experience.

First steps
Then gradually we were guided to discover our own passions, problems we have, what we want to change in world etc. Meanwhile we had lot of group works that helped us to get to know each other and finally we were given the freedom and guidance to select the co-founders of the start-up according to the passions we have. I had passion on giving a solution for the time wasted at travelling due to huge traffic. Dhanika Perera, Shashindra Silva, Amila Paranawithana and Manoj Kumara were my co-founders of the company.
Then we tried to define our problem more precisely and realized that we will not be able to found a mobile solution for traffic congestion in 6 weeks. So we tried develop a solution for a more narrow problem that how a student, or any other traveler use their time efficiently while waiting at traffic congestions. Meanwhile we had a brain storming session with higher officers of leading mobile service providers of Sri Lanka and could have valuable feed backs on our ideas that how they should be refined in order to be effective. Having them in mind we started to keep on brain storming on a solution for this.

While doing all these we were also given a good introduction to python programming through lab sessions which was a good addition to our technical background.

After considering lot of solution we came up with, we wanted to select one of them that will be more useful if solved. We had guidance on selecting, with the instructions on what to consider and finally all of us were so confident on one solution that we believed which will be most successful. Then we had a session on business models and again we thought more strategies to follow. We took top three of them and roughly estimated the revenue that can be made by each. Regarding that estimation we selected what business model to be followed.
While working on this we also considered the feasibility of implementing the solution in technical aspects and had few issues that we will not be able to do without the support of service provider. So kept on more ways to implement it, if we do not get service provider's support too.

This was a nice experience and I was starting to feel the responsibilities and difficulties an entrepreneur face in the journey. On the other hand I was enjoying, working with the team according to our decisions and had the proud in mind that we are going to do something of our own.

Elevator Pitch Contest (MIT-AITI Elevator Pitch Olympics)
This was a real challenging competition held today(10/07/2011) and was very exciting given that the reward for the winner is Rs.10 000/=. It was just the second time I heard of elevator pitch and had no idea what needed to be done. Samidh Chakrabarti, our instructor, as usual gave us a good introduction and guided us. What we had to do was to get prepared to talk to our potential investors to make them invest in our startup. In the contest  we had a panel of judges and we were given sharply measured one minute to talk. Had to give an idea on the problem we are addressing, the solution and the estimated revenue in a more attractive way within this 60secs. 

This was an interesting challenge and I really wanted to be a good competitor for this.  Round by round it was made harder and at one round it was made 30 secs which was very challenging. After few rounds I could be among the top three which I am really happy about . It was a real challenge and I enjoyed it a lot.

I am sure in the coming up weeks their will be more challenging things and I am enjoying the course a lot. Thank you Samidh, Lisa and Micheal.


  1. well done!

    and that cat on your shirt looks like "Marie"

    from the Aristocats :)


Post a Comment

Popular posts from this blog

Signing SOAP Messages - Generation of Enveloped XML Signatures

OPA for HTTP Authorization

How to Write a Custom User Store Manager - WSO2 Identity Server 4.5.0