[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [xacml-users] Database schema for storing XACML policies
Hi , There can be potentially thousands of policies. How did you find applicable polcies for given request ? Thanks, Dhirendra Sharma --- Argyn <jawabean@gmail.com> wrote: > I thought about storing XACML schema in Db and gave > up the idea. It > didn't make a sense in my project. So, I had two > things: > > 1. stored entire policy in TEXT type of field, such > as CLOB > 2. some policies were generated from DB tables. i > had a table with > start and end time columns, then the policy was > generated using these > two columns > > thanks, > argyn > > On 6/15/06, dhirendra sharma > <dhirendra_sh@yahoo.com> wrote: > > Hi All, > > > > > > Can someone share their database schema for > > storing XACML policies ? > > > > We are planning to store the XACML policies in > > Oracle 9i database. > > Write a DatabasePolicyModule and based on > Subject, > > Resource,Action and optionally Environment from > the > > incoming Request > > build a database SQL query and find out all > the > > applicable policies. > > > > > > > > > > I have defined a simple table called - POLICY > with > > columns as follows : > > --------------------------------------- > > TARGET_ID VARCHAR2(20), > > SUBJECT VARCHAR2(1000), > > RESOURCE_ID VARCHAR2(1000), > > ACTION VARCHAR2(1000), > > POLICY VARCHAR2(4000) > > --------------------------------------- > > > > Using values of subject, resource and action > from > > the request input, I build a SQL query and find > out > > matching policies. > > > > I have following 2 questions. > > > > 1). Is above table and column idea good design > for > > policy storage perspective or i am missing > something ? > > > > 2). Where should add this call to the database > for > > find applicable policies in the code ? > > > > Thanks, > > Dhirendra Sharma > > > > __________________________________________________ > > Do You Yahoo!? > > Tired of spam? Yahoo! Mail has the best spam > protection around > > http://mail.yahoo.com > > > > > --------------------------------------------------------------------- > > This publicly archived list supports open > discussion on using the > > XACML OASIS Standard. To minimize spam in the > archives, you > > must subscribe before posting. > > > > [Un]Subscribe/change address: > http://www.oasis-open.org/mlmanage/ > > Alternately, using email: > list-[un]subscribe@lists.oasis-open.org > > List archives: > http://lists.oasis-open.org/archives/xacml-users/ > > Committee homepage: > http://www.oasis-open.org/committees/xacml/ > > List Guidelines: > http://www.oasis-open.org/maillists/guidelines.php > > Join OASIS: http://www.oasis-open.org/join/ > > > > > > --------------------------------------------------------------------- > This publicly archived list supports open discussion > on using the > XACML OASIS Standard. To minimize spam in the > archives, you > must subscribe before posting. > > [Un]Subscribe/change address: > http://www.oasis-open.org/mlmanage/ > Alternately, using email: > list-[un]subscribe@lists.oasis-open.org > List archives: > http://lists.oasis-open.org/archives/xacml-users/ > Committee homepage: > http://www.oasis-open.org/committees/xacml/ > List Guidelines: > http://www.oasis-open.org/maillists/guidelines.php > Join OASIS: http://www.oasis-open.org/join/ > > __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]