OASIS eXtensible Access Control Markup Language (XACML) TC

 View Only
Back to discussions
Expand all | Collapse all

delegation constraints schema

  • 1.  delegation constraints schema

    Posted 04-22-2005 16:38 
     MHonArc v2.5.0b2 -->

















    xacml message
    







    [Date Prev]
 | [Thread Prev]
 | [Thread Next]
 | [Date Next]

--

[Date Index]
 | [Thread Index]
 | [List Home]
    


    







    Subject: delegation constraints schema
    







    



    (See Erik's msg on delegation constraint)
Delegation constraint can be expressed by having <DelegationConstraint> 
element as a child of <Delegate>

Note that constraints on immediate delegate can be applied to 
re-delegates and then delegation-constraint is not needed.

<Target>
    <Delegate>
       <SubjectMatch>....</SubjectMatch> <- ONE OR MORE (Constraints on 
immediate delegate)
       <DelegationConstraint>   <-- OPTIONAL (Constraints on re-delegates)
          <SubjectMatch>....</SubjectMatch>   <-- ONE OR MORE
          <SubjectMatch>...</SubjectMatch>
       </DelegationConstraint>
    </Delegate>
</Target>

Simon

    





    







    


    [Date Prev]
 | [Thread Prev]
 | [Thread Next]
 | [Date Next]

--

[Date Index]
 | [Thread Index]
 | [List Home]


Related Content