OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xspa message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Re: [xspa] Jericho RSA and XSPA PDPs


yes


Dilli Dorai wrote:
> Dunae,
> Is this request constructed with OpenSSO client api?
> Thanks.
> -Dilli
>
> On 02/23/09 12:22, Brian McClung wrote:
>> Duane,
>>
>> The last request that came through doesn't properly define the
>> xacml-context namespace.  Here's what we received:
>>
>> <soapenv:Envelope
>> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/";
>> xmlns:urn="urn:oasis:names:tc:SAML:2.0:protocol"
>> xmlns:urn1="urn:oasis:names:tc:SAML:2.0:assertion"
>> xmlns:xd="http://www.w3.org/2000/09/xmldsig#";
>> xmlns:xe="http://www.w3.org/2001/04/xmlenc#";>
>>    <soapenv:Header/>
>>    <soapenv:Body>
>> <xacml-context:Request>
>> <xacml-context:Subject
>> SubjectCategory="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject"> 
>>
>> <xacml-context:Attribute
>> AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id"
>> DataType="http://www.w3.org/2001/XMLSchema#string"; >
>> <AttributeValue>Doctor,Bob</AttributeValue>
>> </xacml-context:Attribute>
>> <xacml-context:Attribute
>> AttributeId="urn:va:xacml:2.0:interop:rsa8:subject:role"
>> DataType="http://www.w3.org/2001/XMLSchema#string"; >
>> <AttributeValue>physician</AttributeValue>
>> </xacml-context:Attribute>
>> <xacml-context:Attribute
>> AttributeId="urn:va:xacml:2.0:interop:rsa8:subject:hl7:permission"
>> DataType="http://www.w3.org/2001/XMLSchema#string"; >
>> <AttributeValue>urn:va:xacml:2.0:interop:rsa8:hl7:prd-010</AttributeValue> 
>>
>> <AttributeValue>urn:va:xacml:2.0:interop:rsa8:hl7:prd-012</AttributeValue> 
>>
>> <AttributeValue>urn:va:xacml:2.0:interop:rsa8:hl7:prd-017</AttributeValue> 
>>
>> <AttributeValue>urn:va:xacml:2.0:interop:rsa8:hl7:prd-005</AttributeValue> 
>>
>> <AttributeValue>urn:va:xacml:2.0:interop:rsa8:hl7:prd-003</AttributeValue> 
>>
>> <AttributeValue>urn:va:xacml:2.0:interop:rsa8:hl7:prd-009</AttributeValue> 
>>
>> <AttributeValue>urn:va:xacml:2.0:interop:rsa8:hl7:prd-006</AttributeValue> 
>>
>> </xacml-context:Attribute>
>> <xacml-context:Attribute
>> AttributeId="urn:oasis:names:tc:xacml:1.0:subject:locality"
>> DataType="http://www.w3.org/2001/XMLSchema#string"; >
>> <AttributeValue>Healthcare Domain A</AttributeValue>
>> </xacml-context:Attribute> </xacml-context:Subject>
>> <xacml-context:Resource> <xacml-context:Attribute
>> AttributeId="urn:va:xacml:2.0:interop:rsa8:resource:hl7:type"
>> DataType="http://www.w3.org/2001/XMLSchema#string"; >
>> <AttributeValue>urn:va:xacml:2.0:interop:rsa8:resource:hl7:medical-record</AttributeValue> 
>>
>> </xacml-context:Attribute>
>> <xacml-context:Attribute
>> AttributeId="urn:va:xacml:2.0:interop:rsa8:resource:hl7:permission"
>> DataType="http://www.w3.org/2001/XMLSchema#string"; >
>> <AttributeValue>urn:va:xacml:2.0:interop:rsa8:hl7:prd-010</AttributeValue> 
>>
>> <AttributeValue>urn:va:xacml:2.0:interop:rsa8:hl7:prd-012</AttributeValue> 
>>
>> <AttributeValue>urn:va:xacml:2.0:interop:rsa8:hl7:prd-005</AttributeValue> 
>>
>> <AttributeValue>urn:va:xacml:2.0:interop:rsa8:hl7:prd-003</AttributeValue> 
>>
>> </xacml-context:Attribute>
>> <xacml-context:Attribute
>> AttributeId="urn:va:xacml:2.0:interop:rsa8:resource:hl7:confidentiality-code" 
>>
>>
>> DataType="http://www.w3.org/2001/XMLSchema#string"; >
>> <AttributeValue>MA</AttributeValue>
>> </xacml-context:Attribute>
>> <xacml-context:Attribute
>> AttributeId="urn:va:xacml:2.0:interop:rsa8:resource:hl7:medications:dissented-subject-id" 
>>
>>
>> DataType="http://www.w3.org/2001/XMLSchema#string"; >
>> <AttributeValue>Doctor, Bob I</AttributeValue>
>> </xacml-context:Attribute> </xacml-context:Resource>
>> <xacml-context:Action> <xacml-context:Attribute
>> AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id"
>> DataType="http://www.w3.org/2001/XMLSchema#string"; >
>> <AttributeValue>read</AttributeValue>
>> </xacml-context:Attribute>
>> </xacml-context:Action>
>> <xacml-context:Environment>
>> <xacml-context:Attribute
>> AttributeId="urn:va:xacml:2.0:interop:rsa8:environment:locality"
>> DataType="http://www.w3.org/2001/XMLSchema#string"; >
>> <AttributeValue>Healthcare Domain A</AttributeValue>
>> </xacml-context:Attribute> </xacml-context:Environment>
>> </xacml-context:Request>
>>
>>    </soapenv:Body>
>> </soapenv:Envelope>
>>
>> Brian McClung
>>
>> Senior Software Engineer
>> Jericho Systems Corporation
>> Toll Free:  877-231-2200
>> Local:  972-231-2000
>> Fax:  972-234-1100
>>
>> http://www.jerichosystems.com <blocked::http://www.jerichosystems.com/>
>>
>> */EnterSpace Technology:  Decisioning Defined^TM /*//
>>
>> *The information contained in this e-mail and all attachments
>> transmitted with it is the Confidential and Proprietary information of
>> Jericho Systems Corporation.  If the reader of this message is not the
>> intended recipient, or an employee or agent responsible for delivering
>> this message to the intended recipient, you are hereby notified that any
>> dissemination, distribution, copying, or other use of this message or
>> its attachments is strictly prohibited. If you have received this
>> message in error, please notify the sender immediately by replying to
>> this message and please delete it from your computer.*
>>
>>
>>
>> Duane DeCouteau wrote:
>>  
>>> After reconfiguring client to ../XACMLRSA8Service (RSA XACML Policies)
>>> client is returning "Permit".  As expected the XSPA Service Provider 
>>> .../XACMLService PDP continues to throw an parsing exception which I
>>> am looking at.
>>>
>>> Duane
>>>
>>> Request: Mon Feb 23 11:57:49 PST 2009
>>> <xacml-context:Request>
>>> <xacml-context:Subject
>>> SubjectCategory="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject"> 
>>>
>>>
>>> <xacml-context:Attribute
>>> AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id"
>>> DataType="http://www.w3.org/2001/XMLSchema#string"; >
>>> <AttributeValue>Doctor,Bob</AttributeValue>
>>> </xacml-context:Attribute>
>>> <xacml-context:Attribute
>>> AttributeId="urn:va:xacml:2.0:interop:rsa8:subject:role"
>>> DataType="http://www.w3.org/2001/XMLSchema#string"; >
>>> <AttributeValue>physician</AttributeValue>
>>> </xacml-context:Attribute>
>>> <xacml-context:Attribute
>>> AttributeId="urn:va:xacml:2.0:interop:rsa8:subject:hl7:permission"
>>> DataType="http://www.w3.org/2001/XMLSchema#string"; >
>>> <AttributeValue>urn:va:xacml:2.0:interop:rsa8:hl7:prd-010</AttributeValue> 
>>>
>>>
>>> <AttributeValue>urn:va:xacml:2.0:interop:rsa8:hl7:prd-012</AttributeValue> 
>>>
>>>
>>> <AttributeValue>urn:va:xacml:2.0:interop:rsa8:hl7:prd-017</AttributeValue> 
>>>
>>>
>>> <AttributeValue>urn:va:xacml:2.0:interop:rsa8:hl7:prd-005</AttributeValue> 
>>>
>>>
>>> <AttributeValue>urn:va:xacml:2.0:interop:rsa8:hl7:prd-003</AttributeValue> 
>>>
>>>
>>> <AttributeValue>urn:va:xacml:2.0:interop:rsa8:hl7:prd-009</AttributeValue> 
>>>
>>>
>>> <AttributeValue>urn:va:xacml:2.0:interop:rsa8:hl7:prd-006</AttributeValue> 
>>>
>>>
>>> </xacml-context:Attribute>
>>> <xacml-context:Attribute
>>> AttributeId="urn:oasis:names:tc:xacml:1.0:subject:locality"
>>> DataType="http://www.w3.org/2001/XMLSchema#string"; >
>>> <AttributeValue>Healthcare Domain A</AttributeValue>
>>> </xacml-context:Attribute>
>>> </xacml-context:Subject>
>>> <xacml-context:Resource>
>>> <xacml-context:Attribute
>>> AttributeId="urn:va:xacml:2.0:interop:rsa8:resource:hl7:type"
>>> DataType="http://www.w3.org/2001/XMLSchema#string"; >
>>> <AttributeValue>urn:va:xacml:2.0:interop:rsa8:resource:hl7:medical-record</AttributeValue> 
>>>
>>>
>>> </xacml-context:Attribute>
>>> <xacml-context:Attribute
>>> AttributeId="urn:va:xacml:2.0:interop:rsa8:resource:hl7:permission"
>>> DataType="http://www.w3.org/2001/XMLSchema#string"; >
>>> <AttributeValue>urn:va:xacml:2.0:interop:rsa8:hl7:prd-010</AttributeValue> 
>>>
>>>
>>> <AttributeValue>urn:va:xacml:2.0:interop:rsa8:hl7:prd-012</AttributeValue> 
>>>
>>>
>>> <AttributeValue>urn:va:xacml:2.0:interop:rsa8:hl7:prd-005</AttributeValue> 
>>>
>>>
>>> <AttributeValue>urn:va:xacml:2.0:interop:rsa8:hl7:prd-003</AttributeValue> 
>>>
>>>
>>> </xacml-context:Attribute>
>>> <xacml-context:Attribute
>>> AttributeId="urn:va:xacml:2.0:interop:rsa8:resource:hl7:confidentiality-code" 
>>>
>>> DataType="http://www.w3.org/2001/XMLSchema#string"; >
>>> <AttributeValue>MA</AttributeValue>
>>> </xacml-context:Attribute>
>>> <xacml-context:Attribute
>>> AttributeId="urn:va:xacml:2.0:interop:rsa8:resource:hl7:medications:dissented-subject-id" 
>>>
>>> DataType="http://www.w3.org/2001/XMLSchema#string"; >
>>> <AttributeValue>Doctor, Bob I</AttributeValue>
>>> </xacml-context:Attribute>
>>> </xacml-context:Resource>
>>> <xacml-context:Action>
>>> <xacml-context:Attribute
>>> AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id"
>>> DataType="http://www.w3.org/2001/XMLSchema#string"; >
>>> <AttributeValue>read</AttributeValue>
>>> </xacml-context:Attribute>
>>> </xacml-context:Action>
>>> <xacml-context:Environment>
>>> <xacml-context:Attribute
>>> AttributeId="urn:va:xacml:2.0:interop:rsa8:environment:locality"
>>> DataType="http://www.w3.org/2001/XMLSchema#string"; >
>>> <AttributeValue>Healthcare Domain A</AttributeValue>
>>> </xacml-context:Attribute>
>>> </xacml-context:Environment>
>>> </xacml-context:Request>
>>>
>>> Response: Mon Feb 23 11:57:50 PST 2009
>>> <xacml-context:Result ResourceId="">
>>> <xacml-context:Decision>Permit</xacml-context:Decision>
>>> <xacml-context:Status>
>>> <xacml-context:StatusCode
>>> Value="urn:oasis:names:tc:xacml:1.0:status:ok"></xacml-context:StatusCode> 
>>>
>>>
>>> </xacml-context:Status>
>>> </xacml-context:Result>
>>>
>>>
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe from this mail list, you must leave the OASIS TC that
>>> generates this mail.  Follow this link to all your TCs in OASIS at:
>>> https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php
>>>     
>
>




[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]