I am a user of WSO2 IS, I need to add a custom RuleCombining algorithm in my WSO2 IS. I am using this example of balana and when I create this Policy in the WSO2 IS I obtain this Error: Unsupported Entitlement Policy. Policy can not be parsed, and this is the log of the WSO2 IS:
ERROR {org.wso2.carbon.identity.entitlement.pap.PAPPolicyReader} - Error while parsing the policy org.wso2.balana.ParsingException: Error parsing combining algorithm in Policy
Caused by: org.wso2.balana.UnknownIdentifierException: unknown combining algId: urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:highest-effect
at org.wso2.balana.combine.BaseCombiningAlgFactory.createAlgorithm(BaseCombiningAlgFactory.java:138)
at org.wso2.balana.AbstractPolicy.<init>(AbstractPolicy.java:237)
Edited:
Thank you for the answer David,
In the same example page we can read that we can extend the WSO2 IS with custom functions, algorithms and data-types, adding a balana configuration file:
However, If you want to ask WSO2 Identity Server to initialize the Balana by reading configuration file. You can do it by creating a new configuration file called “balana-config.xml” under the /repository/conf/security directory. As an example, Say you want to add new rule combining algorithm to work with WSO2 Identity Server entitlement engine. Then you can follow same way that is configuring it with Balana. Please refer this blog post for more details. However I would like to summarize the step to follow.
But after following the steps it doesn't seem to be working.
Any other help in this issue will be appreciated.
I am considering axiomatics as XACML engine, but it seem very difficult to get a version for testing or inception purposes. Can you give me any light on this concern?.
