[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: Re: [xacml-comment] IIA011Request.xml
Attribute identifiers do NOT need to be unique. For example, a user may have authenticated using both an X500 name and an RFC822 name. The Request then may have two Attributes with AttributeID="urn:oasis:names:tc:xacml:1.0:subject:subject-id", one with DataType="urn:oasis:names:tc:xacml:1.0:data-type:x500Name" and the other with DataType="urn:oasis:names:tc:xacml:1.0:data-type:rfc822Name". The two Attributes could even have the same DataType. The subject may have authenticated under two different X500 names, for example. Anne Anderson On 12 December, Satoshi Hada writes: [xacml-comment] IIA011Request.xml > There are two attributes with the same identifier. > > Is this request invalid in the sense that the attribute identifiers must be > unique? > If yes, we can use the XML schema <key> to define the uniqueness > and can take advantage of the schema validation by XML parsers. > > http://www.w3.org/TR/xmlschema-1/#cIdentity-constraint_Definitions > http://www.w3.org/TR/xmlschema-0/#specifying%20Keys&theirRefs > > I think we should make use of schema validation as much as possible. > > Satoshi Hada > IBM Tokyo Research Laboratory > mailto:satoshih@jp.ibm.com -- Anne H. Anderson Email: Anne.Anderson@Sun.COM Sun Microsystems Laboratories 1 Network Drive,UBUR02-311 Tel: 781/442-0928 Burlington, MA 01803-0902 USA Fax: 781/442-1692
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC