[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Beginner query
Hi, I hope I'm mailing the correct place. I am wanting to permit a request, provided certain attributes are present. I don't care about their value, just the fact that they are present. I cannot see any way of doing this without implementing my own match function. Is this correct or have I missed something? I believe my final policy doc would look like this: <?xml version="1.0" encoding="UTF-8"?> <Policy xmlns="urn:oasis:names:tc:xacml:1.0:policy" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.oasis-open.org/tc/xacml/1.0/cs-xacml-schema=policy-01.xsd" RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:permit-overrides"> <Description>Policy template for attribute checking</Description> <!-- This policy document applies to all requests --> <Target> <Subjects> <AnySubject/> </Subjects> <Resources> <AnyResource/> </Resources> <Actions> <AnyAction/> </Actions> </Target> <!-- Rules for attributes --> <Rule RuleId="EmailRule" Effect="Permit"> <Description>Allow Email address</Description> <Target> <Subjects> <Subject> <ResourceMatch MatchId="isPresent"> <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string"></AttributeValue> <SubjectAttributeDesignator DataType="http://www.w3.org/2001/XMLSchema#anyURI" AttributeId="emailAddress"/> </SubjectMatch> </Subject> </Subjects> <Resources> <AnyResource/> </Resources> <Actions> <AnyAction/> </Actions> </Target> </Rule> </Policy> Thanks P.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]