Re: [xacml-users] Reg. <ResourceContent>

[Prakash Yamuna <techpy@gmail.com>]

My mistake:-(

Thanks for pointing it out.

prakash

On Wed, 30 Mar 2005 18:56:13 -0800, Daniel Engovatov <dengovatov@bea.com> wrote:
> In XML Schema, IIRC,  Minoccurs = 0 and no maxoccurs means 0 or 1.
> (Maxoccurs = 1 implied)  ( ResourceContent? Not ResourceContent*
> 
> 
> -----Original Message-----
> From: Prakash Yamuna [mailto:techpy@gmail.com]
> Sent: Wednesday, March 30, 2005 6:52 PM
> To: Daniel Engovatov
> Cc: xacml-users@lists.oasis-open.org
> Subject: Re: [xacml-users] Reg. <ResourceContent>
> 
> Thanks for the response Daniel.
> 
> But I am even more confused b/w your usage of context and content:-(
> 
> My understanding is there is a single XACML context - no ambiguities
> here.
> 
> I was trying to understand <ResourceContent>.
> 
> Even the schema seems highly tilted towards this being an xml
> representation of a resource you can dump rather than have to fit into
> attributes.
> 
>         <xs:complexType name="ResourceType">
>                 <xs:sequence>
>                         <xs:element ref="xacml-context:ResourceContent"
> minOccurs="0"/>
>                         <xs:element ref="xacml-context:Attribute"
> minOccurs="0"
> maxOccurs="unbounded"/>
>                 </xs:sequence>
>         </xs:complexType>
> 
> It is interesting to see that I can have multiple <ResourceContent>
> elements within <Resource> according to the schema - where as section
> 6.1 states:
> 
> "<Resource> [One to Many]
> 
> Specifies information about the resource or resources for which access
> is being requested by listing a sequence of <Attribute> elements
> associated with the resource.  It MAY include a <ResourceContent>
> element."
> 
> Seems to indicate there can only be a single <ResourceContent> element.
> 
> Best,
> prakash
> 
> On Wed, 30 Mar 2005 18:39:57 -0800, Daniel Engovatov
> <dengovatov@bea.com> wrote:
> > There is no such assumption.  The idea is that when resource is an XML
> > document, it can contain (maybe partially) the context.  Context is
> > notional. Even if it is a representation of a resource, it may include
> > any attributes.
> >
> > Personally, I think AttribtueDesignators should not have a kind
> either,
> > as they have no other meaning other then to group attributes in the
> > context to some traditional categories.  Maybe I should suggest for
> 3.0
> > to reconsider that and make attribute kind an extensible identifier
> for
> > association with arbitrary data sources.
> >
> > D;
> >
> >
> > -----Original Message-----
> > From: Prakash Yamuna [mailto:techpy@gmail.com]
> > Sent: Wednesday, March 30, 2005 6:33 PM
> > To: Daniel Engovatov
> > Cc: xacml-users@lists.oasis-open.org
> > Subject: Re: [xacml-users] Reg. <ResourceContent>
> >
> > Hmm - interesting...
> >
> > Section 6.4 states:
> >
> > "The <ResourceContent> element is a notional placeholder for the
> > content of the resource.  If an XACML policy references the contents
> > of the resource by means of an <AttributeSelector> element, then the
> > <ResourceContent> element MUST be included in the RequestContextPath
> > string."
> >
> > The key phrase that struck me was - "notional placeholder for the
> > content of the resource" - hence my assumption that <ResourceContent>
> > can be used only for xml content representation of resources.
> >
> > prakash
> >
> > On Wed, 30 Mar 2005 18:16:22 -0800, Daniel Engovatov
> > <dengovatov@bea.com> wrote:
> > > It is explained partially in section 2.5, line 460 : you can have
> > > subject attribute as part of this context.
> > > One can include all that information within a single XML document if
> > so
> > > needed.  No need for separate contents.
> > >
> > > Division of attributes into several kinds is purely for convenience.
> > > They do not have any fundamental differences.
> > >
> > > There is really only one context, that contains all kind of
> > attributes.
> > > See section 3.2.
> > >
> > > Daniel;
> > >
> > > -----Original Message-----
> > > From: Prakash Yamuna [mailto:techpy@gmail.com]
> > > Sent: Wednesday, March 30, 2005 5:48 PM
> > > To: xacml-users@lists.oasis-open.org
> > > Subject: [xacml-users] Reg. <ResourceContent>
> > >
> > > I was wondering if anyone could provide insight on why the XACML
> spec
> > > supports <ResourceContent> but not <SubjectContent>,
> <ActionContent>,
> > > etc...
> > >
> > > thanks,
> > > prakash
> > >
> > >
> >
> >
> 
>