Argus PEP Client Library: C API¶
The Doxygen documentation for the Argus PEP client library describes the C API and have an example.
PEP XACML Object Model¶
Basically, to use the Argus PEP client API, you will have to the following steps.
First, import the header with
Create and initialize the PEP client handle with
PEP * pep = pep_initialize()
Set the PEP Server URL with
If the PEP Server URL is protected by HTTPS with client authentication (the default), you must also configure the client certificate or proxy with
The client private key or proxy key with
And the server CA trust anchors path with
Create a XACML Request and add the required Subject, Resource, Action and Environment to it with
and so on. See the PEP XACML Object Model for the complete API.
Submit the request and get the response:
Process the response (if not already done by your obligation handlers). Release the PEP client handle with
A more detailed PEP client example is available http://argus-authz.github.com/argus-pep-api-c/doc/pep_client_example_8c-example.html
The Argus PEP client library is thread-friendly, but you are not allowed to share a PEP handle among multiple threads.
Each thread have to create its own PEP handle:
/* Each thread creates its own PEP handle */ PEP * pep= pep_initialize();
Within a thread you can reuse the PEP handle (multiple
If your threads are object (OO programming, …), it is recommended you
to create (
pep_initialize) the PEP handle in the constructor, and
release it (
pep_destroy) in the destructor.