xacml-users message

Subject: Hierarchical resources policy and request file

From: dhirendra sharma <dhirendra_sh@yahoo.com>
To: xacml-users@lists.oasis-open.org
Date: Thu, 29 Jun 2006 12:17:25 -0700 (PDT)

Hi,

  We need to specify the policy for the below :
	1). A user should be able to "read"  a compnay 
(Example: ABC Inc) provided
		 he has - "ABC-Read" role and should have "ABC Inc"
as the company attribute value in his profile
	
	2). A user should be able to "read" a company
(Example: ABC ) and any its of subsidiaries provided
		 he has - "ABC-Read" role and should have "ABC Inc"
or any of its subsidiaries as the 
		company attribute value in his profile
	
	The request could be made giving company id which
could fall anywhere in the subsidiary hierarchy and we
need to get a response 
whether user is authorized or not.

	Can someone suggest - policy file  and request XML
for this ?
	



Thanks,
Dhirendra Sharma


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com

Follow-Ups:
- Addendum: Re: Hierarchical resources policy and request file
  - From: Anne Anderson <Anne.Anderson@sun.com>
- Re: [xacml-users] Hierarchical resources policy and request file
  - From: Anne Anderson <Anne.Anderson@sun.com>

References:
- Fwd: [xacml-users] Querying polciies for auditing and reporting purpose
  - From: Argyn <jawabean@gmail.com>