OASIS Mailing List Archives

xacml-users message



Subject: Problem with multi valued attributes...


I have the following XACML rule:

<Condition FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
        <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
                <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-one-and-only">
                        <SubjectAttributeDesignator
                                AttributeId="urn:my-organization:security:names:subject:0.1:profil"
                                DataType="http://www.w3.org/2001/XMLSchema#string"/>
                </Apply>
                <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">1</AttributeValue>
        </Apply>
</Condition>

When I come with the following context, I get a permit decision:

<Attribute
        AttributeId="urn:my-organization:security:names:subject:0.1:profil"
        DataType="http://www.w3.org/2001/XMLSchema#string">
        <AttributeValue>1</AttributeValue>
</Attribute>

But if my attribute "profil" has more than one value, I have the following
context and get an indeterminate decision:

<Attribute
        AttributeId="urn:my-organization:security:names:subject:0.1:profil"
        DataType="http://www.w3.org/2001/XMLSchema#string">
        <AttributeValue>1</AttributeValue>
</Attribute>
<Attribute
        AttributeId="urn:my-organization:security:names:subject:0.1:profil"
        DataType="http://www.w3.org/2001/XMLSchema#string">
        <AttributeValue>2</AttributeValue>
</Attribute>

How can I express my rule to get a permit decision in that case?
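
The behaviour described in the message, reproduced as an added example (not part of the original post, and a simplified model rather than a real PDP): a small Python evaluator for the XACML 1.0 functions involved. It runs the posted condition and a variant that uses the standard bag function string-is-in against both contexts. The evaluator, the attr helper and the assumption that the enclosing rule has Effect="Permit" are illustrative.

```python
import xml.etree.ElementTree as ET

F = "urn:oasis:names:tc:xacml:1.0:function:"
PROFIL = "urn:my-organization:security:names:subject:0.1:profil"  # from the post
STRING = "http://www.w3.org/2001/XMLSchema#string"

class Indeterminate(Exception): pass  # e.g. one-and-only on a bag whose size is not 1

def bag_of(context_xml, attribute_id):  # all same-id <Attribute>s form a single bag
    root = ET.fromstring("<Subject>" + context_xml + "</Subject>")
    return [v.text for a in root.iter("Attribute") if a.get("AttributeId") == attribute_id
            for v in a.iter("AttributeValue")]

def evaluate(node, context_xml):
    if node.tag == "AttributeValue":
        return node.text
    if node.tag == "SubjectAttributeDesignator":
        return bag_of(context_xml, node.get("AttributeId"))
    args = [evaluate(child, context_xml) for child in node]
    fn = node.get("FunctionId")
    if fn == F + "and":
        return all(args)
    if fn == F + "string-equal":
        return args[0] == args[1]
    if fn == F + "string-one-and-only":
        if len(args[0]) != 1:
            raise Indeterminate(f"bag holds {len(args[0])} values")
        return args[0][0]
    if fn == F + "string-is-in":  # (value, bag) -> true if value is a member of bag
        return args[0] in args[1]
    raise Indeterminate(f"unsupported function {fn}")

def decide(condition_xml, context_xml):
    try:  # the enclosing Rule is assumed to have Effect="Permit"
        ok = evaluate(ET.fromstring(condition_xml), context_xml)
    except Indeterminate:
        return "Indeterminate"
    return "Permit" if ok else "NotApplicable"

def attr(value):  # constructed helper: one <Attribute> element shaped like the post's
    return (f'<Attribute AttributeId="{PROFIL}" DataType="{STRING}">'
            f'<AttributeValue>{value}</AttributeValue></Attribute>')
DESIGNATOR = f'<SubjectAttributeDesignator AttributeId="{PROFIL}" DataType="{STRING}"/>'
VALUE_1 = f'<AttributeValue DataType="{STRING}">1</AttributeValue>'
ORIGINAL = (f'<Condition FunctionId="{F}and"><Apply FunctionId="{F}string-equal">'
            f'<Apply FunctionId="{F}string-one-and-only">{DESIGNATOR}</Apply>{VALUE_1}'
            f'</Apply></Condition>')
REWRITTEN = (f'<Condition FunctionId="{F}and"><Apply FunctionId="{F}string-is-in">'
             f'{VALUE_1}{DESIGNATOR}</Apply></Condition>')
```

decide(ORIGINAL, attr(1) + attr(2)) gives Indeterminate, as reported in the message, while decide(REWRITTEN, attr(1) + attr(2)) gives Permit; a subject without the value 1 gets NotApplicable from the rewritten condition.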

