[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: Requirement for Isolated Request for Authorization Atributes
Meta-comment: In this thread, it looks like the security-use alias was
dropped off the To: list a few messages ago. If this is a discussion about
requirements, Phill/Tim, can you please make sure that these are fed back
to the Use Case group so they can capture it? Thanks.
Eve
At 10:55 AM 3/26/01 -0800, Ken Yagen wrote:
>It's pretty common to want additional information along with an access
>denial. It may be you are not allowed access in this role or it may be you
>are not allowed access because your account balance is too low or
>something else. This is similar to another example I gave on the main list
>of "Yes, Joe can view research reports that meet these criteria:
>industry=Oil, region=US"
>
>Whether this is the domain of XACML or SAML, I'm not really sure. SAML
>should just be flexible enough to support an authorization decision that
>contains more than a yes/no decision.
--
Eve Maler +1 781 442 3190
Sun Microsystems XML Technology Development eve.maler @ east.sun.com
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC