[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [xacml-users] xpath access control
This issue had been debated on the Xpath/XQuery working group, and for that I know there is no generic way to determine if two Xpath statements will return you a same XDM (XQuery data model) instance. It is not even clear what "the same" means in this context. If your Xpath processor supports rewriting and your document has a schema you may be able to determine equivalency in a very restricted subset of cases. What Xpath2.0 implementation are you using? Daniel; -----Original Message----- From: Wolfgang Schreiner [mailto:wolfgang.schreiner@ec3.at] Sent: Thursday, November 30, 2006 8:01 AM To: xacml-users@lists.oasis-open.org Subject: [xacml-users] xpath access control Hi all, Following problem: I would like to control access to a set of XML documents via XPath 2.0 queries. XML fragements, which are allowed to being accessed are specified by XPath 2.0 statements as well. What I need is a method to determine whether 2 XPath statements are semantically equal or similar, before executing the query and having to post-filter the result. What is the best way to achieve this? Does the XACML xpath-node-match function solve this problem? Is there an implementation to it? I think the Sun implementation does not include XPath functions? -- best regards, Wolfgang Schreiner, Mag. DI E-Commerce Competence Center (EC3) Donau-City Strasse 1, A - 1220 Vienna Tel: +43 1 522 71 71 - 14 Fax: +43 1 522 71 71 - 71 Web: http://www.ec3.at _______________________________________________________________________ Notice: This email message, together with any attachments, may contain information of BEA Systems, Inc., its subsidiaries and affiliated entities, that may be confidential, proprietary, copyrighted and/or legally privileged, and is intended solely for the use of the individual or entity named in this message. If you are not the intended recipient, and have received this message in error, please immediately return this by email and then delete it.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]