OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xacml-users message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: RE: [xacml-users] Help on ResourceConent!


Hi Roland!

Below is the piece of code that made me to raise a query. Please do
confirm me if my understanding is correct on the code.

<ResourceContent>
      <md:record xmlns:md="urn:med:example:schemas:record"
          xsi:schemaLocation="urn:med:example:schemas:record
            http:www.med.example.com/schemas/record.xsd">
            <md:patient>
                  <md:patientDoB>1992-03-21</md:patientDoB>
<md:patient-number>555555</md:patient-number> 
            </md:patient> 
      </md:record>
 </ResourceContent>

Pick up the record which matches the given DoB and Patient Number am I
rt ?

Thanks
Balaji Kamal Kannadassan 

-----Original Message-----
From: Kannadassan, Balaji (AMR:8826) 
Sent: Thursday, October 30, 2008 2:01 PM
To: Roland Illig
Cc: xacml-users@lists.oasis-open.org
Subject: RE: [xacml-users] Help on ResourceConent!

Hi Roland!

   BTW from your reply to consolidate its basically to expand the
content of the records, i.e what the resource conent tag is for rt ?.
Thx a lot for responding to my query. 

Thanks
Balaji Kamal Kannadassan
-----Original Message-----
From: Roland Illig [mailto:roland.illig@gmx.de]
Sent: Thursday, October 30, 2008 1:24 PM
To: Kannadassan, Balaji (AMR:8826)
Cc: xacml-users@lists.oasis-open.org
Subject: Re: [xacml-users] Help on ResourceConent!

Balaji Kannadassan schrieb:
> Hi All!
> 
>     I am sorry if this is too basic. I am  a new bee to XML/XACML. I 
> am trying to understand the implementation of the same from the XACML 
> 1.0v pdf. I came across this tag on a place where the doctor is 
> searching for a DOB of patient. I am baffled on whats the need of this

> piece while there is another piece of code where he picks up the 
> subject-id user and his DOB. Whats the use of this ResourceContent ?
> Please help me in understanding the same.

There are two different ways of getting information from a <Request>:

1. The <*AttributeDesignator> can be used for getting a named attribute,
which looks like:

<Request>
 <Subject>
  <Attribute AttributeId="subject-id">
   <AttributeValue>roland</AttributeValue>
  </Attribute>
 </Subject>
</Request>

In the policy, you use the following code to retrieve the attribute
values:

<SubjectMatch MatchId="string-equal">
 <AttributeValue>roland</AttributeValue>
 <SubjectAttributeDesignator AttributeId="subject-id"/> </SubjectMatch>

2. The <AttributeSelector> can be used for getting arbitrary XML data
from the request, which can be encoded like this:

<Request xmlns:h="http://example.org/html4.xsd";>
 <Resource>
  <ResourceContent>
   <h:html>
    <h:head>
     <h:title>Hello, World</h:title>
    </h:head>
   </h:html>
  </ResourceContent>
  <Attribute AttributeId="resource-id">
   <AttributeValue>http://example.org/hello.html</AttributeValue>
  </Attribute>
 </Resource>
</Request>

In the policy, you can use the following code:

<ResourceMatch MatchId="regexp-string-match">
<AttributeValue>.*[Hh]ell.*</AttributeValue>
 <AttributeSelector
RequestContextPath="//Request/Resource/ResourceMatch/h:html/h:head/h:tit
le/text()"/>
</ResourceMatch>

With the <AttributeSelector>, you can embed arbitrary XML in the request
context and run queries on it using XPath/XQuery. Embedding the XML
document directly is often easier than retrieving (for example) the DOB
and encoding it as a named attribute, especially if you don't know which
fields of the medical record the policy needs for deciding.

Did this clarify things a bit?

Roland

---------------------------------------------------------------------
To unsubscribe, e-mail: xacml-users-unsubscribe@lists.oasis-open.org
For additional commands, e-mail: xacml-users-help@lists.oasis-open.org



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]