OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

xacml-users message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [xacml-users] Info on the Hl7 Permissions

massimiliano.masi@gmail.com wrote:
> Hi,
> Also mine, but in the samples there are written something like:
> <AttributeValue>urn:oasis:names:tc:xspa:1.0:hl7:prd-003</AttributeValue>
>        <AttributeValue>urn:oasis:names:tc:xspa:1.0:hl7:prd-005</AttributeValue>
>        <AttributeValue>urn:oasis:names:tc:xspa:1.0:hl7:prd-006</AttributeValue>
>        <AttributeValue>urn:oasis:names:tc:xspa:1.0:hl7:prd-009</AttributeValue>
>        <AttributeValue>urn:oasis:names:tc:xspa:1.0:hl7:prd-010</AttributeValue>
>        <AttributeValue>urn:oasis:names:tc:xspa:1.0:hl7:prd-012</AttributeValue>
>        <AttributeValue>urn:oasis:names:tc:xspa:1.0:hl7:prd-017</AttributeValue>
> (see [1], line 135 and following). And this sample is wrong in my opinion.

Ok I wasn't aware of this document (I just read the profile). Since the 
same persons wrote the examples and the profile I guess the sample isn't 
wrong, it's just that the profile is a bit vague on this point.

It appears the XSPA TC intended that the AttributeId would indeed be
"urn:oasis:names:tc:xspa:1.0:subject:hl7:permission" however one should 
also prefix HL7 permission value with "urn:oasis:names:tc:xspa:1.0:hl7:" 
to form the attribute value.

You might want to contact the XSPA TC (xspa@lists.oasis-open.org) to get 
a clarification.



Ludwig Seitz, PhD             |   Axiomatics AB
Training & Development        |   Electrum 223
Phone: +46 (0)760 44 22 91    |   S-164 40 Kista, Sweden
Mail: ludwig@axiomatics.com   |

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]