[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [xacml-users] Sample with matching attributes of subj and resource
On 29 September, Kuketayev, Argyn writes: RE: [xacml-users] Sample with matching attributes of subj and resource > Nope, this one doesn't work. Condition element should come with > FunctionId, according to my schema. My example was for XACML 2.0. In XACML 2.0, the Condition element does not have a FunctionId: it contains an expression that must be Boolean. > I guess it should be something like "isTrue" For XACML 1.0/1.1, use function Id urn:oasis:names:tc:xacml:1.0:function:boolean-equal and remove the <Apply ...> and </Apply> tags. Anne > Argyn > > > -----Original Message----- > > From: Anne Anderson [mailto:Anne.Anderson@Sun.COM] > > Sent: Wednesday, September 29, 2004 11:52 AM > > To: Kuketayev, Argyn > > Cc: xacml-users@lists.oasis-open.org > > Subject: Re: [xacml-users] Sample with matching attributes of > > subj and resource > > > > > > <Rule RuleId="example" Effect="Permit"> > > <Condition> > > <Apply > > FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> > > <SubjectAttributeDesignator > > > > AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" > > DataType="http://www.w3.org/2001/XMLSchema#string"/> > > <ResourceAttributeDesignator > > AttributeId="urn:argyn:resource:resource-owner" > > DataType="http://www.w3.org/2001/XMLSchema#string"/> > > </Apply> > > </Condition> > > </Rule> > > > > Anne > > > > On 29 September, Kuketayev, Argyn writes: [xacml-users] > > Sample with matching attributes of subj and resource > From: > > "Kuketayev, Argyn" <argyn_kuketayev@fanniemae.com> > To: > > xacml-users@lists.oasis-open.org > Subject: [xacml-users] > > Sample with matching attributes of subj and resource > Date: > > Wed, 29 Sep 2004 11:22:50 -0400 > > > > Is there an example of matching attributes of subject and > > resource? > > > > I want to permit certain ops on resource, if resource's > > > ownerId matches username of subject. > > > > > > Thanks, > > > Argyn > > > > > > > -- > > Anne H. Anderson Email: Anne.Anderson@Sun.COM > > Sun Microsystems Laboratories > > 1 Network Drive,UBUR02-311 Tel: 781/442-0928 > > Burlington, MA 01803-0902 USA Fax: 781/442-1692 > > > > -- Anne H. Anderson Email: Anne.Anderson@Sun.COM Sun Microsystems Laboratories 1 Network Drive,UBUR02-311 Tel: 781/442-0928 Burlington, MA 01803-0902 USA Fax: 781/442-1692
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]