OASIS eXtensible Access Control Markup Language (XACML) TC

 View Only

[xacml] Problem in SubjectQualifier/SubjectAttributeDesignatorWhere

  • 1.  [xacml] Problem in SubjectQualifier/SubjectAttributeDesignatorWhere

    Posted 10-30-2002 20:25
    -------Forwarded for Seth Proctor--------------------------------------------- I think there's a problem with the schema involving the SubjectAttributeDesignatorWhere (or the proposed name SubjectQualifier, which I like more). It used to extend SubjectAttributeDesignatorType, but with the addition of the category element, it now only extends AttributeDesignatorType. It still contains, however, a list of SubjectMatchType, which in turn use SubjectAttributeDesignatorType as their designator. Shouldn't the match elements also extend AttributeDesignatorType and not SubjectAttributeDesignatorType in the SubjectQualifier? I think this needs a new match type that uses AttributeDesignator but is specified in the spec to look in the subject section of the request for all attributes.