OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xacml-users message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Access descision for multiple resources

Hi,

I have a need to sent XACML authz request for multiple resources. In my case
resources are product types and action for resources is "isLicenced" XACML
request for a single resource looks like this:

<?xml version="1.0" encoding="UTF-8"?>
<Request xmlns="urn:oasis:names:tc:xacml:2.0:context:schema:os"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
    xsi:schemaLocation="urn:oasis:names:tc:xacml:2.0:context:schema:os
http://docs.oasis-open.org/xacml/access_control-xacml-2.0-context-schema-os.xsd
">
    <Subject>
        <Attribute
            AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id"
            DataType="urn:oasis:names:tc:xacml:1.0:data-type:rfc822Name">
            <AttributeValue>bs@simpsons.com</AttributeValue>
        </Attribute>
    </Subject>
    <Resource>
        <Attribute
            AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id"
            DataType="http://www.w3.org/2001/XMLSchema#string";>
            <AttributeValue>ProductTypeA</AttributeValue>
        </Attribute>
    </Resource>
    <Action>
        <!-- Action on resource is isLicenced -->
        <Attribute
            AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id"
            DataType="http://www.w3.org/2001/XMLSchema#string";>
            <AttributeValue>isLicensed</AttributeValue>
        </Attribute>
    </Action>
    <Environment/>
</Request>

I'm assuming that for multiple resources request should looks something like
this?:


<?xml version="1.0" encoding="UTF-8"?>
<Request xmlns="urn:oasis:names:tc:xacml:2.0:context:schema:os"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
    xsi:schemaLocation="urn:oasis:names:tc:xacml:2.0:context:schema:os
http://docs.oasis-open.org/xacml/access_control-xacml-2.0-context-schema-os.xsd
">
    <Subject>
        <Attribute
            AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id"
            DataType="urn:oasis:names:tc:xacml:1.0:data-type:rfc822Name">
            <AttributeValue>bs@simpsons.com</AttributeValue>
        </Attribute>
    </Subject>
    <Resource>
        <Attribute
            AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id"
            DataType="http://www.w3.org/2001/XMLSchema#string";>
            <AttributeValue>ProductTypeA</AttributeValue>
        </Attribute>
    </Resource>
    <Resource>
        <Attribute
            AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id"
            DataType="http://www.w3.org/2001/XMLSchema#string";>
            <AttributeValue>ProductTypeC</AttributeValue>
        </Attribute>
    </Resource>
    <Action>
        <!-- Action on resource is isLicenced -->
        <Attribute
            AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id"
            DataType="http://www.w3.org/2001/XMLSchema#string";>
            <AttributeValue>isLicensed</AttributeValue>
        </Attribute>
    </Action>
    <Environment/>
</Request>

Thanks,
Giedrius

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]