[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [xacml-users] Reg. <ResourceContent>
Thanks for the response Seth - defining custom datatypes is what I have gone ahead with... But I was hoping somebody could throw some light as to why the XACML committe felt a need for <ResourceContent> but not <SubjectContent>...and hence my email. I am not sure I totally understand the distinction b/w using <ResourceContent> as a place to store XML data versus actual content of the resource. To me for example: a Subjec X - xml representation maybe: <MySubject uid="X" firstName="prakash" org="somegodforsakenorg" supervisor="Y"/> So if Subject Y is deleting Subject X then: I could have said: <Request...> <SubjectContent> <MySubject uid="Y" firstName="mymanagerwhowillbeanonymous" org="somegodforsakenorg" supervisor="A"/> </SubjectContent> <ResourceContent> <MySubject uid="someuniqueid" firstName="prakash" org="somegodforsakenorg" supervisor="Y"/> </ResourceContent> <Action> ... </Request> Then in my policy all I had to say was if my supervisor of X is the subject trying to delete then go ahead and delete. I can do all this through custom datatypes and attributes - I understand - as I said I was more curious to understand the rationale than anything else... Thanks, prakash On Wed, 30 Mar 2005 22:08:45 -0500, Seth Proctor <Seth.Proctor@sun.com> wrote: > Yeah, I understand where you're going. Basically, don't think of > ResourceContent as a place to store XML data. Think of it as the place > where you include the actual content of the resource you're trying to > access. The fact that the connonical representation is XML, and that > you can query it using XPath, is just a concidence :) > > > seth > >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]