[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [xacml-users] Access descision for multiple resources
Giedrius, I have not checked your syntax closely, but as far as I can tell you have the right format for a request for multiple resources. I don't know whether any of the available implementations support the Multiple Resources Profile, however. Regards, Anne Giedrius Trumpickas wrote: > Hi, > > I have a need to sent XACML authz request for multiple resources. In my > case > resources are product types and action for resources is "isLicenced" XACML > request for a single resource looks like this: > > <?xml version="1.0" encoding="UTF-8"?> > <Request xmlns="urn:oasis:names:tc:xacml:2.0:context:schema:os" > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" > xsi:schemaLocation="urn:oasis:names:tc:xacml:2.0:context:schema:os > http://docs.oasis-open.org/xacml/access_control-xacml-2.0-context-schema-os.xsd > > "> > <Subject> > <Attribute > AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" > DataType="urn:oasis:names:tc:xacml:1.0:data-type:rfc822Name"> > <AttributeValue>bs@simpsons.com</AttributeValue> > </Attribute> > </Subject> > <Resource> > <Attribute > AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" > DataType="http://www.w3.org/2001/XMLSchema#string"> > <AttributeValue>ProductTypeA</AttributeValue> > </Attribute> > </Resource> > <Action> > <!-- Action on resource is isLicenced --> > <Attribute > AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" > DataType="http://www.w3.org/2001/XMLSchema#string"> > <AttributeValue>isLicensed</AttributeValue> > </Attribute> > </Action> > <Environment/> > </Request> > > I'm assuming that for multiple resources request should looks something > like > this?: > > > <?xml version="1.0" encoding="UTF-8"?> > <Request xmlns="urn:oasis:names:tc:xacml:2.0:context:schema:os" > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" > xsi:schemaLocation="urn:oasis:names:tc:xacml:2.0:context:schema:os > http://docs.oasis-open.org/xacml/access_control-xacml-2.0-context-schema-os.xsd > > "> > <Subject> > <Attribute > AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" > DataType="urn:oasis:names:tc:xacml:1.0:data-type:rfc822Name"> > <AttributeValue>bs@simpsons.com</AttributeValue> > </Attribute> > </Subject> > <Resource> > <Attribute > AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" > DataType="http://www.w3.org/2001/XMLSchema#string"> > <AttributeValue>ProductTypeA</AttributeValue> > </Attribute> > </Resource> > <Resource> > <Attribute > AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" > DataType="http://www.w3.org/2001/XMLSchema#string"> > <AttributeValue>ProductTypeC</AttributeValue> > </Attribute> > </Resource> > <Action> > <!-- Action on resource is isLicenced --> > <Attribute > AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" > DataType="http://www.w3.org/2001/XMLSchema#string"> > <AttributeValue>isLicensed</AttributeValue> > </Attribute> > </Action> > <Environment/> > </Request> > > Thanks, > Giedrius > -- Anne H. Anderson, Sun Microsystems Laboratories 1 Network Drive,UBUR02-311, Burlington, MA 01803-0902 USA Tel: 781/442-0928 Fax: 781/442-0399 Email: Anne.Anderson@Sun.COM until 10 August 2007 Email: Anne.Anderson@alum.swarthmore.edu after 10 August 2007
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]