[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [ws-sx] Proposed additional text: i070 - Clarify relationshipbetween extensibility model and policy
Martin, I agree my text is not very clear. Your examples help clarify the issues. I am primarily concerned about the second type of mismatch:- [quote] Or did you actually want to point out that; <sp:UsernameToken> <wsp:Policy/> </sp:UsernameToken> does not intersect with; <sp:UsernameToken> <wsp:Policy> <sp:WssUsernameToken10 /> </wsp:Policy> </sp:UsernameToken> [quote] >Prateek, > >I'm not sure I quite grasp the main point of your text below. > >Perhaps adding a specific example would be helpful. How about; > > >"As noted in Section 3.1.3, an assertion with empty nested policy does >not intersect with the same assertion without nested policy. For >example, > ><sp:UsernameToken /> > >does not intersect with > ><sp:UsernameToken> > <wsp:Policy/> ></sp:UsernameToken> " > >I think this is all the text in Clause 7 of section 3.1.3 is getting at. > >Or did you actually want to point out that; > ><sp:UsernameToken> > <wsp:Policy/> ></sp:UsernameToken> > >does not intersect with; > ><sp:UsernameToken> > <wsp:Policy> > <sp:WssUsernameToken10 /> > </wsp:Policy> ></sp:UsernameToken> > >? > >Gudge > > > > > >>-----Original Message----- >>From: Prateek Mishra [mailto:prateek.mishra@oracle.com] >>Sent: 13 June 2006 19:39 >>To: ws-sx@lists.oasis-open.org >>Subject: [ws-sx] Proposed additional text: i070 - Clarify >>relationship between extensibility model and policy >> >>Add to Section 11.2: >> >>(include after line 2372) >> >>As explained in Section 3.1.3, an assertion with a nested >>policy element >>cannot match the same assertion without >>a nested policy element. This should be kept in mind when using >>assertions that have been extended with additional >>assertions that are meant to be placed within a nested policy >>element. >>For example, use of an extension assertion >> that indicates the presence or absence of an optional field within a >>security token may result in policy intersection >>failure. >> >> >> >> >> > > >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]