Dan, in reality XACML is still years behind the adoption curve. The industry is still getting to terms with authentication. :( I am hoping that there will be emphasis on access control in a couple of years.
There is adoption of xacml among university research and other security focused entities.
The need of the hour is domain based editors that can be used to craft the xacml policies. Rather than crafting xacml policies by hand, GUI should be employed depending on domains to craft the policies.