OASIS eXtensible Access Control Markup Language (XACML) TC

 View Only

conformance tests, datatype in attribute value elements of Request.xml files to be removed

  • 1.  conformance tests, datatype in attribute value elements of Request.xml files to be removed

    Posted 09-20-2005 16:55
     MHonArc v2.5.0b2 -->
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    

    xacml message

    [Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


    Subject: conformance tests, datatype in attribute value elements of Request.xml files to be removed


    Hello,

    Summary: I think that I'm going to remove DataType attributes in Request.xml files from conformance tests. They pass schema validation, because schema allows them. However, they can potentially create confusion if the data types do not match between Attribute and its children AttributeValue elements.
    Also, the spec document defines that types should be in the parent Attribute element.

    Explanation:

    in some conformance tests, we have datatype attribute in AttributeValue elemnts. The xacml 2.0 schema doesn't specify exactly what should be in AttributeValue elements:
    ========
        <xs:complexType name="AttributeValueType" mixed="true">
            <xs:sequence>
                <xs:any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
            </xs:sequence>
            <xs:anyAttribute namespace="##any" processContents="lax"/>
        </xs:complexType>
    ========

    However, the current spec document has this in chapter 6.8:
    =============
    3043 The data-type of the <xacml-context:AttributeValue> SHALL be specified by using the
    3044 DataType attribute of the parent <Attribute> element.
    =============

    Here's an example conformance test, look at the duration attribute values:

    ========== IIC154Request.xml
    <?xml version="1.0" encoding="UTF-8"?>
    <Request
          xmlns="urn:oasis:names:tc:xacml:2.0:context:schema:os"
          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
          xsi:schemaLocation="urn:oasis:names:tc:xacml:2.0:context:schema:os
            urn:oasis:names:tc:xacml:2.0:context:schema:os.xsd">
        <Subject>
            <Attribute
                  AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id"
                  DataType="http://www.w3.org/2001/XMLSchema#string">
                <AttributeValue>Julius Hibbert</AttributeValue>
            </Attribute>
            <Attribute
                  AttributeId="urn:oasis:names:tc:xacml:1.0:conformance-test:test-attr"
                  DataType="http://www.w3.org/TR/2002/WD-xquery-operators-20020816#yearMonthDuration">
                <AttributeValue
                      DataType="http://www.w3.org/TR/2002/WD-xquery-operators-20020816#yearMonthDuration">-P5Y3M</AttributeValue>
            </Attribute>
        </Subject>
        <Resource>
            <Attribute
                  AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id"
                  DataType="http://www.w3.org/2001/XMLSchema#anyURI">
                <AttributeValue>http://medico.com/record/patient/BartSimpson</AttributeValue>
            </Attribute>
        </Resource>
        <Action>
            <Attribute
                  AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id"
                  DataType="http://www.w3.org/2001/XMLSchema#string">
                <AttributeValue>read</AttributeValue>
            </Attribute>
        </Action>
    </Request>
    ==========


    thanks,
    Argyn


    [Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]