xacml message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]
Subject: XACML REST profile -- <content> vs <id>
- From: Craig R Forster <cforster@us.ibm.com>
- To: xacml@lists.oasis-open.org
- Date: Tue, 22 May 2012 11:10:48 -0500
Hi all,
In the latest working draft, the example around deleting a policy starts with this returned from GET /authorization/policies:
HTTP/1.0 200 OK
Content-Type: application/atom+xml
Content-Length: <nnnn>
<feed xmlns=”http://www.w3.org/2005/Atom”>
<author>example.com</author>
<id>pap</id>
<link rel="self" href="">
<title>Access Control Policies</title>
<updated>Thu, 3 May 2012 21:36:24 GMT</updated>
<entry>
<id>urn:oasis:names:tc:xacml:3.0:example:SimplePolicy1</id>
<title>Medi Corp access control policy</title>
<link rel="alternate" href="">
<content type="application/xacml+xml" src="">
<summary>Medi Corp access control policy</summary>
<entry>
<!-- More entries -->
</feed>
Then the instructions "The client looks up the entry with the id that matches the policy’s PolicyId" followed by a DELETE request to /authorization/policies/1.
This doesn't appear to line up with the example. When constructing the URL, should implementers build a URL based on the <id> of the entrry, or should they follow the <content> link of the entry? In this example, it appears the DELETE request was based on the <content> link not by building a URI based on the <id>.
Regards,
Craig
-------
craig forster | technical lead, tivoli security policy manager
cforster@us.ibm.com
-------
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]