[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [ws-sx] Proposed additional text: i070 - Clarify relationship between extensibility model and policy
Prateek, I'm not sure I quite grasp the main point of your text below. Perhaps adding a specific example would be helpful. How about; "As noted in Section 3.1.3, an assertion with empty nested policy does not intersect with the same assertion without nested policy. For example, <sp:UsernameToken /> does not intersect with <sp:UsernameToken> <wsp:Policy/> </sp:UsernameToken> " I think this is all the text in Clause 7 of section 3.1.3 is getting at. Or did you actually want to point out that; <sp:UsernameToken> <wsp:Policy/> </sp:UsernameToken> does not intersect with; <sp:UsernameToken> <wsp:Policy> <sp:WssUsernameToken10 /> </wsp:Policy> </sp:UsernameToken> ? Gudge > -----Original Message----- > From: Prateek Mishra [mailto:prateek.mishra@oracle.com] > Sent: 13 June 2006 19:39 > To: ws-sx@lists.oasis-open.org > Subject: [ws-sx] Proposed additional text: i070 - Clarify > relationship between extensibility model and policy > > Add to Section 11.2: > > (include after line 2372) > > As explained in Section 3.1.3, an assertion with a nested > policy element > cannot match the same assertion without > a nested policy element. This should be kept in mind when using > assertions that have been extended with additional > assertions that are meant to be placed within a nested policy > element. > For example, use of an extension assertion > that indicates the presence or absence of an optional field within a > security token may result in policy intersection > failure. > > >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]