OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

xacml-users message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [xacml-users] SubjectMatch?

Hi hao!

    I think in this case its fine. But it might not be in all case since
the rfc representation has different interpretation to few character
from a normal string. Hence I think the data type is checked based on
the function type and though they can be still checked and found
correct, since type doesn't match it throws an error. Experts let me
know if I am correct on this ?.

Balaji Kamal Kannadassan

-----Original Message-----
From: hao chen [mailto:d95776@yahoo.com] 
Sent: Friday, October 31, 2008 6:02 PM
To: xacml-users@lists.oasis-open.org
Cc: Hao Chen
Subject: [xacml-users] SubjectMatch?

The example policy of 4.1.1 in XACML Spec v2.0 has the following section
for subject matching
769 [a20] <Target>
770 [a21] <Subjects>
771 [a22] <Subject>
772 [a23] <SubjectMatch
773 [a24]
774 [a25] <AttributeValue
775 [a26] DataType="http://www.w3.org/2001/XMLSchema#string";>
776 [a27] med.example.com
777 [a28] </AttributeValue>
778 [a29] <SubjectAttributeDesignator
779 [a30] AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id"
780 [a31] DataType="urn:oasis:names:tc:xacml:1.0:data-type:rfc822Name"/>
781 [a32] </SubjectMatch>
782 [a33] </Subject>
783 [a34] </Subjects>
784 [a35] </Target>
I wonder why the datatype defined in attributeValue tag does not match
the datatype defined in SubjectAttributeDesignator. I think logically,
the 2 types should be matched/same.

I appreciate if some can explain this to me.



To unsubscribe, e-mail: xacml-users-unsubscribe@lists.oasis-open.org
For additional commands, e-mail: xacml-users-help@lists.oasis-open.org

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]