[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [xacml-dev] Multiple Subjects in a single request
On May 27, 2005, at 4:19 PM, Mine Altunay wrote: > Let say i have two subjects (1 and 2) in a request. In my policy > there is > a single "read" rule that should check different attributes from each > subject attribute sets. How am I going to express in the rule > definition > that attr1 AND attr2 from subject1 and subject2 must be present? > > Can I use rule combining functions inside of a rule. or should I > define > two seperate rules to check two subject attributes Is it just a "must be present" check, or are you interested in specific values? Yes, you could combine separate Rules, or you could put this in one Condition, or you could have a Target like <Subjects <Subject <SubjectMatch <SubjectAttributeDesignator SubjectCategory="subject1" </SubjectMatch <SubjectMatch <SubjectAttributeDesignator SubjectCategory="subject2" It's up to you. You treat attributes from multiple subjects exactly as you do multiple attributes from a single subject, just including the category info. seth
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]