[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [xacml-dev] Username in the <Delegate> element
Hi, Infact, i meant for putting a complex object e.g. representing the <Issuer> in the policy. Accordingly there will be a complex object in the <Delegate> Element. Another thing is that what about using RBAC profile for rights delegation too. I had a look at the discussion regarding its pros/cons. but what is your personal opinion about it In my opinion, without it, things are more clearer, e.g. "A role R wants to delegate his rights on some service S to role R" Here, service S is only permitted to some members of Role R according to their characteristics. Now, if one of the member which have previlege wants to delegate the right to use service S to one of the member of role R then ? make sence? regards Muhammad. ----- Original Message ----- From: "Erik Rissanen" <mirty@sics.se> Cc: <xacml-dev@lists.oasis-open.org> Sent: Thursday, August 04, 2005 2:41 PM Subject: Re: [xacml-dev] Username in the <Delegate> element > Muhammad Masoom Alam wrote: > >>Hi all, >> >> In the XACML Administration Profile V7 have Username as subject-id. It >> makes a bit difficult to get the attributes of the delegator since >> subject is the delegatee not the delegator according to the profile. >> >> Can we add some complex Object representing the delegatee and delegator >> in stead of simple user name. Even a role name will not be sufficed in >> this case of dynamic delegation. >> >>regards >>Muhammad. >> >> > > You can put any attribute in the Delegate element, and the context > handler should be able to resolve the attributes in the same way as the > attributes of the Subject. Why cannot you get the attributes of the > Delegate? Could you explain in more detail? > > Regards, Erik > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: xacml-dev-unsubscribe@lists.oasis-open.org > For additional commands, e-mail: xacml-dev-help@lists.oasis-open.org > >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]