[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: need clarification on Target Matching in XACML v2.0
In XACML v2.0, 5.5 Element<Target> section, the spec states "For the parent of the <Target> element to be applicable to the decision request, there MUST be at least one positive match between each section of the <Target> element and the corresponding section of the <xacml context:Request> element." I need some kind of clarification on the statement. For example, if I define a subject with 2 attributs in the target of a xacml policy such as: &role;account manager &department;customer service and the PDP gets a request which has a subject with only 1 attribute as &role:account manager Does this request subject match the subject defined in the target of the policy and will the rule defined to the target will be evaluated? I have the same kind of questions for resource and action defined in target too. thanks hao
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]