OPA for HTTP Authorization

Open Policy Agent[1] is a promising, light weight and very generic policy engine to govern authorization is any type of domain. I found this comparion[2] very attractive in evaluating OPA for a project I am currently working on, where they demonstrate how OPA can cater same functionality defined in RBAC, RBAC with Seperation of Duty, ABAC and XACML.  
Here are the steps to a brief demonstration of OPA used for HTTP API authorization based on the sample [3], taking it another level up.
Running OPA Server First we need to download OPA from [4], based on the operating system we are running on.  For linux, curl -L -o opa https://github.com/open-policy-agent/opa/releases/download/v0.10.3/opa_linux_amd64 Make it executable, chmod 755 ./opa Once done, we can start OPA policy engine as a server.
./opa run --server Define Data and Rules Next we need to load data and authorization rules to the server, so it can make decisions. OPA defines these in files in the format of .rego. Below is a sample …

Writing Axis2 Custom Deployers - hot deployment - WSO2 Carbon Products

Custom deployers is a concept introduced to Axis2 to increase it's flexibility and enhance the dynamic nature. With this article on Axis2 Custom Deployers, it's originator himself explains it's background and procedure in details. With this post, I'll just share the steps I followed in using this feature.
  • Following is the basic structure of a custom deployer. There needs to be a class that has implemented 'org.apache.axis2.deployment.Deployer' interface and a component.xml file that carries some required properties for the deployer.
  • Following is the basic structure of a CustomDeployer class.
public class CustomDeployer extends AbstractDeployer {

    private static Log log = LogFactory.getLog(CustomDeployer.class);
    private File userMgtConfigFile;
    private RealmConfigXMLProcessor realmConfigXMLProcessor = new RealmConfigXMLProcessor();

    public void init(ConfigurationContext configurationContext) {
        // Here goes all the initialization code.

    public void deploy(DeploymentFileData deploymentFileData) throws DeploymentException {
        File file = deploymentFileData.getFile();
        // Here goes the processing code need to process the file

    public void setDirectory(String s) {
        // if we need to know the subdirectory that the deployer has registered

    public void setExtension(String s) {
        //extension of the file that the deployer has registered
When there is a file addition in the subdirectory that we are interested in (file extension that the deployer has registered with) 'deploy' method is called. When a file is deleted 'undeploy' method is called. When a modification is done both the methods will be called accordingly. Directory and extension of the files to be deployed can be set by the relevant methods.
  • Following is a sample component.xml file written for a WSO2 Carbon product.
<component xmlns="http://products.wso2.org/carbon">
  • Finally in the pom.xml(of Maven module) we should define the deployer as follows,
  •  We are done now. Finally one more thing worth to note is, we can enable hot update by setting 'true' for the parameter 'hotupdate' in axis2.xml. With this if we add a file of the given extension in the directory, the file will be get deployed at the moment itself.



  1. Customized application is simpler to use. This is because it performs the way you want it to.

  2. I like the helpful information you provide in your articles.
    I'll bookmark your weblog and check again here regularly. I'm quite certain I will learn many new stuff right here!
    Good luck for the next!

    Feel free to surf to my page - opana 40 mg

  3. This is really informative post and I personally would like to appreciate the efforts. We are also dealing in same industry hence found this informative to add in our process also. Once again thanks for your post.

  4. This comment has been removed by a blog administrator.

  5. This comment has been removed by a blog administrator.


Post a Comment

Popular posts from this blog

Signing SOAP Messages - Generation of Enveloped XML Signatures

How to send an HTML email in Java (Using Google SMTP Server)

How to convert WSDL to Java