[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: one question regarding the use of Xpath
Dear all, I have a confusion in the use of Xpath in AttributeSelector Element of XACML suppose i have a rule " A Physician is allowed to check the record of Patient X , if an only if he is the Primary care physician of patient X now Xpath would b /Physician/PhyID = PhysicianID // I also wanted to check whether he is a valid physician or not. AND /Physician/patients/patID = patientID of patient X // for the checking whether Physician is the primary care physician of the Patient X or not. This kind of Xpath is not correct as the 2nd condition can be true for any Physician who is taking care of the Patient X in addition to Primary care Physician can we introduce some context information like this <Condition> <Apply FunctionId="function:string-equal"> <Apply FunctionId="function:string-one-and-only"> <SubjectAttributeDesignator AttributeID="PatientId" DataType="String"/> </Apply> <Apply FunctionId="String-one-and-only-with-subject"> <AttributeSelector RequestContextpath="/Hosptial/Physician[phyID='subjectID']/patients/patID/text()" DateType="String"> </AttributeSelector> </Apply> </Apply> . </Condition> is this new funciton additon is possible with XACML. ?? where subject ID represent the caller in this case May b i am wrong in writing Xpath , if yes plz help . with Best regards. Muhammad.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]