[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [xacml-users] Implementing UNIX file system acl using xacml
<Apply FunctionId=”urn:oasis:names:tc:xacml:1.0:function:all-of”> <Function FunctionId=”urn:oasis:names:tc:xacml:2.0:function:fooFunction”/> ..... For example:<functionDefine functionId="urn:oasis:names:tc:xacml:2.0:function:fooFunction">
<inputType dataType="...." /> <Apply .... </Apply> </functionDefine>In this way could be possible refer the function by functionId and the auth logic would be expressed all in the XACML.
Thank you and best regards. Marco On 11/14/2011 03:03 PM, Tyson, Paul H wrote:
his is an important use case, and represents a general pattern that should be handled by XACML. The 3.0 improvements to the hierarchical profile, and perhaps the 'access-permitted' function of XACML 3.0, might help. I have not used XACML 2.0 in quite a while, so I would prefer to analyze this with respect to 3.0, but if you are stuck with 2.0 I will see what can be done.
-- Dott. Marco Biagi Netfarm s.r.l. Phone: +39 050 0981576 Fax: +39 050 777659 Web: http://www.netfarm.it/ Email: marco.biagi@netfarm.it
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]