OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: Re: [xacml] subjects

Polar,
I am having trouble parsing the second paragraph Section 5.3 Complex type
CategorizedSubjectAttributeDesignatorType (ref:
http://lists.oasis-open.org/archives/xacml/200211/msg00066.html),
even apart from the typos :-)

I have reworded it according to my understanding.  Is my
rewording true to the intended semantics?  (not necessarily
better, just correct)

ORIGINAL:

A "subject" is represented by a <Subject> element of the
<Subjects> element the <xacml-context:Request> element.  A
"categorized subject" a "subject" that contains a particular
"subject category attribute".  A "subject attribute" is an
attribute located in a particular "subject".  A "named subject
attribute" is a "named attribute" for a "subject".  A "subject
category attribute" is the "subject attribute" that matches
"named subject attribute" with the AttributeId of
urn:...:subject-category and the DataType of urn:...#string.  A
"named categorized subject attribute" is a "named subject
attribute" for a particular "categorized subject".

REWORDING:

A principal, or "subject", involved in making an XACML Request is
represented by a <Subject> element of the <Subjects> element of
the <xacml-context:Request> element.  Each <Subject> element must
contain one and only one attribute with AttributeId of
urn:...:subject-category.  This is called its "subject category
attribute". The DataType of this attribute MUST be
urn:...#string.  No two <Subject> elements may have "subject
category attributes" that have the same value.

A "categorized subject" is a "subject" along with its particular
"subject category attribute" value.

A "subject attribute" is an attribute located in a particular
<Subject> element.

A "named subject attribute" is a "subject attribute" along with
its AttributeId value.  "subject".

A "named categorized subject attribute" is a "named subject
attribute" for a particular "categorized subject".

Anne
-- 
Anne H. Anderson             Email: Anne.Anderson@Sun.COM
Sun Microsystems Laboratories
1 Network Drive,UBUR02-311     Tel: 781/442-0928
Burlington, MA 01803-0902 USA  Fax: 781/442-1692

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC