[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: questions on RBAC profile of XACML v2.0
Hi,
I appreciate if someone can provide some information on the following questions regarding RBAC profile of XACML v2.0
1. The examples included in the profile use policy-combine permit-overrides and rule-combine permit-overrides for both Role <PolicySet> and Permission <PolicySet>. Can we use deny-overrides for both Role <PolicySet> and Permission <PolicySet> too?
2. The examples included in the profile set Rule's effect to permit for both Role <PolicySet> and Permission <PolicySet>. Can we set Rule's effect to deny for both Role <PolicySet> and Permission <PolicySet>?
3. Can we use subject's attributes (except role) as conditions in the rule settings of Permission <PolicySet>?
thanks!
hao
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]