Demonstration of LOAMA: Low-code ODRL Access Management Application

This demonstration illustrates LOAMA (Low-code Access Management Application) and the policy management API of a User-Managed Access (UMA) Authorization Server (AS). The scenario showcases policy management and enforcement using ODRL (Open Digital Rights Language) policies.

System Setup

• LOAMA: A low-code application that generates and updates ODRL policies via the Authorization Server's policy management API.
• Resource Owner: Alice, identified by the WebID https://solidweb.me/Test-Pod/profile/card#me
• Requesting Party: Bob, identified by the WebID https://solidweb.me/Test-Pod-2/profile/card#me
• Resource Server: http://localhost:3000/
• Authorization Server: http://localhost:4000/

LOAMA is shown on the left of the demonstration video.
A script that allows following the UMA protocol (thus implementing the Client role of UMA) is shown on the right.

Initial Configuration

Alice manages several resources using LOAMA. One such resource is: http://localhost:3000/alice/file.txt (referred to as file.txt throughout this demonstration).

Initially, Alice has not defined any usage rules for the public or for Bob. As a result, Bob has no permissions for any actions on file.txt.

Access Attempt by Bob

Bob initiates a PUT request to file.txt using the UMA protocol, implemented via the UMA Fetcher client.
This request fails due to the absence of applicable permissions.

Bob then attempts a GET request, which also fails for the same reason.

Policy Update by Alice

Using LOAMA, Alice updates the policy for file.txt by adding a rule with Bob as a subject and granting him create, write, and append permissions.

Following this update, Bob's PUT request now succeeds. However, the GET request continues to fail, as read permission has not yet been granted.

Final Policy Adjustment

Alice further updates the policy to include the read permission for Bob.

As a result, Bob can now successfully perform both PUT and GET operations on file.txt.