Sun OpenSSO Enterprise 8.0 Developer's Guide


The authorize REST interface will verify user authorization against created policies. Currently, the interface can check whether the user is authorized to perform a particular operation (GET or POST) on a particular HTTP resource. The URL needs to be populated with the following information.

The following URL defines a user that wants to POST to


The operation returns a value of true or false. If the user is not authorized, an exception is thrown. Assuming a policy has been created to allow authenticated users to POST to the defined resource, the above URL would return true.