[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [xacml] Passing parameters to the attribute designator
Anil, it would be better to expose the broader use-case you are interested in here. My guess is that it has something to do with enterprise infra-structure or the policy creation or administration model or the way resource meta-data is stored. A more general formulation focusing on the use-case would get more attention within the TC. The original XACML use-case tends to focus only a "pure" policy language and rules for its execution. This makes sense as the main concern was an interoperable policy language. But there are much broader use-cases that need to be dealt with before XACML can have a larger practical impact... - prateek > I believe there must be a case when the context handler must be given > additional information to retrieve an attribute when using attribute > designators. This additional information may be kept within the > policies that reference the designator and will serve as parameters to > the evaluation procedure of the designator. Naturally, this applies to > only those cases when the attribute referenced is not actually present > in the request context as XACMLv2.0 specification mentions how > the referenced attributes must be matched when present in the request > context. > > This additional context passed to the handler can be a property > list/name-value pairs as the combiner parameters. > > Thoughts ? > > Regards, > Anil
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]