OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

xacml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: Use of Xquery with XACML

>>As I am a member of W3C XQuery working group, I may try to answer.

>>XPath 2.0 and XQuery 1.0 (which are both still not in the last call
>>stage yet) are using the same underlying data model.  For most intends
>>and purposes XPath 2.0 is a subset of XQuery, lacking such facilities as
>>full FLWOR expression and element constructors.

u r right   but suppose i have a rule
 "A Physician can check the medical records of a patient, if any of his two 
patietns have the same city"
Now these kind of rules cant be expressed just by Xpath.

>>I seriously doubt that adding those data transformation facilities will
>>add any value to the XACML representation, but will make it much more
>>cumbersome to implement and use.  We really refer to data as being
>>evidence - transient result of an XQuery expression does not fit well
>>with this notion.

>>It seems to me that you may achieve the result you want in a much more
>>straightforward way if you use some stand alone XQuery engine, such as
>>SAXON (http://saxon.sourceforge.net/) from Michael Kay, to construct the
>>resource content document.  You may then refer to the constructed data
>>using XPath expressions, or populate notional context using those

well, u r 110% right that it will make the XACML very cumbersome , but i 
dont understand the population mechanism into the ResourceContent element 
prior to PolicyEvalutation, Becaz in my opionon (what i have understood) is 
that PDP asks for the attributes and ContextHandler then provide the 
Attributes, now whereis the Xquery expression stored , with Context Handler 
or with PDP in the Policy , this is really confusing for me. If u can kindly 
tell me the flow that will take place for the population of ResourceContent 
between PDP and Context handler , i will b in a better position to 
understand your point


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]