OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: Re: [xacml] subjects

Ref: Polar's proposal

Section 5.4 Element <CategorizedSubjectAttributeIsPresent>, 2nd
paragraph, final sentences:

  "Regardless of the MustBePresent attribute, if it cannot be
   determined whether the named categorized subject attribute is
   present or not present in the request context, or the value of
   the named categorized subject attribute is unavailable, then
   the expression SHALL result in indeterminate."

Do we not allow attributes that have no values, i.e. where the
name of the attribute is all that is required?  For example,
rather than having a "role" attribute with values of "manager",
"individual contributor", etc., a user might want to define a
"manager" attribute and an "individual contributor" attribute.

I don't care too much, but we should be clear on what we require.
It is probably simpler to require every attribute to have a

Anne H. Anderson             Email: Anne.Anderson@Sun.COM
Sun Microsystems Laboratories
1 Network Drive,UBUR02-311     Tel: 781/442-0928
Burlington, MA 01803-0902 USA  Fax: 781/442-1692

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC