[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Need regexp-uri-match function
If we are going to use our existing "regexp-string-match" function to compare URIs, that means the DataType of the Attribute whose value is a URI must be "#string". This means you can't mix constraints that use the existing "#anyURI-equal" function with constraints that use the "regexp-string-match" matching on the same "URI" AttributeValue. I think this means we do away with the "#anyURI" DataType, and would have to express all URIs as "#string". Otherwise, the Request may ask for a resource using "#anyURI", while the policy constrains the resource using "regexp-string-match", or vice versa. It also means you can't have two values for the same Attribute, one that is a URI and the other that is a string, and be able to distinguish them by DataType. I think all these are bad. I suggest we create a new function called "urn:oasis:names:tc:xacml:2.0:function:regexp-uri-match" that takes two arguments. The first argument SHALL be DataType "#string" and SHALL contain a regular expression. The second argument SHALL be DataType "#anyURI" and SHALL specify a URI value to be matched. The implementation of the function can be the same as the implementation of "regexp-string-match", just that the second argument value is treated as a string even though its DataType is "#anyURI". Anne -- Anne H. Anderson Email: Anne.Anderson@Sun.COM Sun Microsystems Laboratories 1 Network Drive,UBUR02-311 Tel: 781/442-0928 Burlington, MA 01803-0902 USA Fax: 781/442-1692
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]