Yes, the API handles serialized policy blobs, so you could use XACML or anything else just as easily. -Dolph On Fri, May 3, 2013 at 10:14 AM, Kevin L. Mitchell < kevin.mitchell at rackspace.com> wrote: > On Fri, 2013-05-03 at 09:20 -0500, Dolph Mathews wrote: > > This API was implemented in keystone in grizzly for centralized policy > > storage: > > > > > > > https://github.com/openstack/identity-api/blob/master/openstack-identity-api/src/markdown/identity-api-v3.md#create-policy-post-policies > > Does this support the language-based policies now implemented in > oslo-incubator and used by nova, quantum, and glance? > -- > Kevin L. Mitchell <kevin.mitchell at rackspace.com> > > > _______________________________________________ > OpenStack-dev mailing list > OpenStack-dev at lists.openstack.org > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev > -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20130503/478e6886/attachment.html>