OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: [xacml] TENTATIVE RESOLUTION: Use QName for DataType,URI for everything else.

So the tentative resolution says that we should write a condition
by using URI rather than QName to specify function identifiers.
Please correct me if I'm wrong.

A VALID example (URI is used)

<xacml:Condition
  xmlns:xacml="urn:oasis:names:tc:xacml:1.0:policy"
  FunctionId="urn:oasis:names:tc:xacml:1.0:function:or">
  <xacml:Apply
    FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-less-than">
    <xacml:Apply
      FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-add">
      <xacml:ActionAttributeDesignator AttributeId="AmountReqd" DataType
="xs:integer"/>
      <xacml:SubjectAttributeDesignator AttributeId="Balance" DataType
="xs:integer"/>
    </xacml:Apply>
    <xacml:SubjectAttributeDesignator AttributeId="CreditCardLimt" DataType
="xs:integer"/>
  </xacml:Apply>
  <xacml:Apply
    FunctionId="urn:oasis:names:tc:xacml:1.0:function:any-of">
    <xacml:Function
      FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-equal"/>
    <xacml:SubjectAttributeDesignator AttributeId="MemberStatus" DataType
="xs:string"/>
    <xacml:EnvironmentAttributeDesignator AttributeId="PremiumCustomer"
DataType="xs:string"/>
  </xacml:Apply>
</xacml:Condition>

An INVALID example (QName is used and "xacml-function" is a namespace
prefix)

<xacml:Condition
  xmlns:xacml="urn:oasis:names:tc:xacml:1.0:policy"
  xmlns:xacml-function="urn:oasis:names:tc:xacml:1.0:function"
  FunctionId="xacml-function:or">
  <xacml:Apply
    FunctionId="xacml-function:integer-less-than">
    <xacml:Apply
      FunctionId="xacml-function:integer-add">
      <xacml:ActionAttributeDesignator AttributeId="AmountReqd" DataType
="xs:integer"/>
      <xacml:SubjectAttributeDesignator AttributeId="Balance" DataType
="xs:integer"/>
    </xacml:Apply>
    <xacml:SubjectAttributeDesignator AttributeId="CreditCardLimt" DataType
="xs:integer"/>
  </xacml:Apply>
  <xacml:Apply
    FunctionId="xacml-function:any-of">
    <xacml:Function
      FunctionId="xacml-function:string-equal"/>
    <xacml:SubjectAttributeDesignator AttributeId="MemberStatus" DataType
="xs:string"/>
    <xacml:EnvironmentAttributeDesignator AttributeId="PremiumCustomer"
DataType="xs:string"/>
  </xacml:Apply>
</xacml:Condition>

Satoshi Hada
IBM Tokyo Research Laboratory
mailto:satoshih@jp.ibm.com

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC