[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: [xacml] xacml context mods and schema
|
After today's concall a number of modifications to
the context, part 1 were proposed.
1. Some context elements are renamed and
restructured.
ContextSubject is renamed into ContextPrincipal,
and Principal can now be extended to allow
structured 'principals'. (See Polar's
message).
2. Allow more than one principle. Semantics
of having more than one principal will be qualified.
3. Resource uri is moved to the 'resource' section
of the context. 'Resource' section will
contain resource uri, resource content, and zero or
more xacml attributes with resource uri as a holder.
4. In the example that shows authentication
assertion being broken down into xacml attributes
authentication method and authentication instance
must be kept together.
5. Resource section may contain 'ResourceLocation'
xacml attribute pointing to where resource
content could be obtained.
Schema for RequestContext is attached
Simon.
|
Attachment:
XacmlContext.xsd
Description: text/xml
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC