OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: [xacml] Change Request: add identifier for "implied" Action Attribute

Change Request:

  Add an identifier for an Action Attribute that means that the
  Action to be performed is contained in or implied by the name
  of the Resource.


  Back when an Action was a URN, we had decided to support a
  special URN for "implied action".  Now that an Action has
  Attributes, we need to reserve an AttributeId for this

  It is not sufficient to omit all Attribute elements from the
  Context Action.  In order to match no Action Attributes, a
  Policy Target would need to accept "AnyAction", which is

  Implied actions occur frequently in J2SE.  There is no
  automated way to separate the "action" from the "resource" in
  these cases.

Current identifier value:


Requested identifier value:


Requested semantics:

  In some cases, an access request refers to a resource, but not
  to any separate action.  In these cases, the action to be
  performed is contained in, or is otherwise implied by, the
  resource information in the access request.

  In XACML, these cases are handled by using a Request Action
  having a single Attribute with
  AttributeId="BASE:implied-action" and no associated
  If a Request Action contains an Attribute with
  AttributeId="BASE:implied-action", this satisfies the Target
  Actions of any PolicySet, Policy, or Rule with Target Actions
  of <AnyAction>.  It also matches any ActionAttributeDesignator
  with AttributeId="BASE:implied-action", whether in the Target
  or in a Condition.

Anne Anderson
Anne H. Anderson             Email: Anne.Anderson@Sun.COM
Sun Microsystems Laboratories
1 Network Drive,UBUR02-311     Tel: 781/442-0928
Burlington, MA 01803-0902 USA  Fax: 781/442-1692

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC