OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

xacml-comment message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Public Comment

Comment from: studnev@mobilae.ru

I am implementing XACML policy storage in LDAP and tried to follow "LDAP profile for distribution of XACML policies".
Problem is that i can not figure out how XML XACML policy can be mapped to LDAP policy according to this proposal.
Any example can be helpfull. For example, one issue is that Policies in LDAP are proposed to distribute over LDAP nodes "AttributeValue". I quite not understand how it matches XML XACML policy where target is defined by a combination of conditions on subject, resource, action. And tthere may be more than one condition per one policy.
Say how to implement a policy which is applied to subject with attribute "a" = "b" and resources with name starting with "a"?

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]