OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [xacml] xacml combiner alg extension points





Hi, Polar, Simon

Is the following example what you are suggesting?

<Policy algid="priority-rule-combo-algo">
  <CombinerParameters>
    <CombinerParameter ParameterName="priority">10
    </CombinerParameter>
    <CombinerParameter ParameterName="priority">5
    </CombinerParameter>
  </CombinerParameters>
  <Rule effect="permit">... rule 1...</Rule>
  <Rule effect="permit">... rule 2 ...</Rule>
</Policy>

(The first rule has priority 10 and the second rule has priority 5)
If so, this would satisfy my requirements.

Best,
Michiharu



                                                                           
             "Simon Godik"                                                 
             <simon.godik@over                                             
             xeer.com>                                                  To 
                                       <xacml@lists.oasis-open.org>        
             2004/02/03 16:28                                           cc 
                                                                           
                                                                   Subject 
                                       [xacml] xacml combiner alg          
                                       extension points                    
                                                                           
                                                                           
                                                                           
                                                                           
                                                                           
                                                                           




xacml extension points proposal.

Polar pointed out that previous xacml extension proposal is somewhat
misleading with it's use of
@MustUnderstand attribute and where parameters are interpreted.

Here is cleaned up version, hopefully.

Proposal:

Allow element of type <xacml:CombinerParametersType> as an optional child
of <xacml:PolicySet> and <xacml:Policy> elements.
<xacml:CombinerParameters> element contains a list of parameters specific
to the enclosing combining algorithm. Combiner parameters are input to the
combining algorithm only and can not be directly interpreted by the pdp.

Schema:
<xs:element name="CombinerParameters" type="xacml:CombinerParametersType"/>
<xs:complexType name="CombinerParametersType">
<xs:sequence>
<xs:element ref="xacml:CombinerParameter" minOccurs="0"
maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<!-- -->
<xs:element name="CombinerParameter" type="xacml:CombinerParameterType"/>
<xs:complexType name="CombinerParameterType">
<xs:sequence>
<xs:any namespace="##any" processContents="lax" minOccurs="0"
maxOccurs="unbounded"/>
</xs:sequence>
<xs:attribute name="ParameterName" type="string" use="required"/>
</xs:complexType>

Simon

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]