OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xacml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Re: [xacml-dev] SubjectAttributeDesignator question


this question should be posted in sunxacml lists, as it's not generic xacml
question.

also, I'm not sure i understand your question. attributes are in request
(evaluationctx in sunxacml), and attribute designators are parts of policy
schema.

if you have a reference to Policy object, then you can programmatically get
its target with getTarget() function. Then Target has getSubjects() method
which returns List of things, which can be attribute designators. There's
also a couple of methods for Actions and Resources and Environments.
Actually, you get TargetMatch type elements, which can represent
AttributeDesignators.

in Java 1.4 there's no parameterized typing, so in sunxacml it's a bit
tricky to figure out what is encapsulated where by examining method
signatures. you have to look at the source codes. maybe TargetMatch class is
the best place to start

argyn

On 1/24/06, Lanz, Dan <dlanz@mitre.org> wrote:
>
> How does one programmatically access the xml attributes of the
> SubjectAttributeDesignator element?  The SubjectAttributeDesignator is
> a subelement of the SubjectMatch element in an xacml policy target, as
> shown in the policy fragment below:
>
>
>           <Target>
>             <Subjects>
>               <Subject>
>                 <SubjectMatch
>
> MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
>                   <AttributeValue
>                     DataType=http://www.w3.org/2001/XMLSchema#string
>                       >employee</AttributeValue>
>                   <SubjectAttributeDesignator
>                     AttributeId="group"
>
> DataType="http://www.w3.org/2001/XMLSchema#string"/>
>                 </SubjectMatch>
>               </Subject>
>               ...
>            </Target>
>
>         The subject attribute value is available from an EvaluationCtx
> by calling (as an example):
>           getSubjectAttribute(new
> URI(com.sun.xacml.attr.X500NameAttribute.identifier), new
> URI("urn:oasis:names:tc:xacml:1.0:subject:subject-id"),
>             new
> URI("urn:oasis:names:tc:xacml:1.0:subject-category:access-subject"))
>
>         But, it's not evident how to access the
> SubjectAttributeDesignator.
>
>         Thanks,
>         Dan Lanz
>
>
>
>


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]