MHonArc v2.5.0b2 -->

















xacml message






[Date Prev]
 | [Thread Prev]
 | [Thread Next]
 | [Date Next]

--

[Date Index]
 | [Thread Index]
 | [List Home]








Subject: Re: [xacml] string-equal and bags




From: Polar Humenn <polar@syr.edu>
To: Rich Salz <rsalz@datapower.com>
Date: Wed, 11 May 2005 12:05:52 -0400 (EDT)







On Wed, 11 May 2005, Rich Salz wrote:

> Test IIC003Policy.xml has this fragment:
>         <Condition
> FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
>             <AttributeValue
> DataType="http://www.w3.org/2001/XMLSchema#string";>convicted-felon</AttributeValue>
>             <SubjectAttributeDesignator
> AttributeId="urn:oasis:names:tc:xacml:1.0:conformance-test:group"
>                   DataType="http://www.w3.org/2001/XMLSchema#string"/>
>         </Condition>
>
> But SubjectAttributeDesignator returns a bag of strings and string-equal
> doesn't work on bags.
> Is the test wrong, or are we missing something?

Hmm, well, it's not so much that string-equal doesn't work on bags (which
your right, it doesn't), but this <Condition> is not type-correct. To be
correct, it would have to have a bag-string function, such as
"string-is-in", or use an <Apply FunctionId="string-one-and-only"> on the
SubjectAttributeDesignator expression.

-Polar








References:

string-equal and bags
From: Rich Salz <rsalz@datapower.com>






[Date Prev]
 | [Thread Prev]
 | [Thread Next]
 | [Date Next]

--

[Date Index]
 | [Thread Index]
 | [List Home]