OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-core message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: RE: Requirement for Isolated Request for Authorization Atributes

Meta-comment: In this thread, it looks like the security-use alias was 
dropped off the To: list a few messages ago.  If this is a discussion about 
requirements, Phill/Tim, can you please make sure that these are fed back 
to the Use Case group so they can capture it?  Thanks.


At 10:55 AM 3/26/01 -0800, Ken Yagen wrote:

>It's pretty common to want additional information along with an access 
>denial. It may be you are not allowed access in this role or it may be you 
>are not allowed access because your account balance is too low or 
>something else. This is similar to another example I gave on the main list 
>of "Yes, Joe can view research reports that meet these criteria: 
>industry=Oil, region=US"
>Whether this is the domain of XACML or SAML, I'm not really sure. SAML 
>should just be flexible enough to support an authorization decision that 
>contains more than a yes/no decision.

Eve Maler                                             +1 781 442 3190
Sun Microsystems XML Technology Development  eve.maler @ east.sun.com

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC