Title: Sample rule in new syntax Colleagues - Just to give you a concrete example to look at, "rule 1" looks something like this in our new syntax. All the best. Tim. <?xml version="1.0" encoding="UTF-8"?> <Rule RuleId="//medico.com/rules/rule1" Effect="Permit" xmlns="urn:oasis:names:tc:xacml:0.15g:policy" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:xsi="
http://www.w3.org/2001/XMLSchema-instance " xsi:schemaLocation="urn:oasis:names:tc:xacml:0.15g:policy D:MYDOCU~1StandardsXACMLv15draft-xacml-schema-policy-15g.xsd"> <Description>A person may read any record for which he or she is the designated patient</Description> <Target> <Subjects> <AttributeDesignator Designator="//xacmlContext/Request/Subject/SubjectAttribute/Attribute[@DataType='urn:oasis:names:tc:xacml:0.15g:identifier:rfc822Name']/Value" DataType="xs:anyURI"/> <Attribute DataType="xs:anyURI"> <Value>*</Value> </Attribute> </Subjects> <Resources> <AttributeDesignator Designator="//xacmlContext/Request/Resource/@ResourceURI" DataType="xs:anyURI"/> <Attribute DataType="xs:anyURI"> <Value>//medico.com/record.*</Value> </Attribute> </Resources> <Actions> <saml:Action>read</saml:Action> </Actions> </Target> <Condition Name="urn:oasis:names:tc:XACML:0.15g:operators:string-equal" DataType="xs:boolean"> <AttributeDesignator Designator="urn:oasis:names:tc:xacml:0.15g:identifier:AccessSubject" DataType="xs:string"/> <AttributeDesignator Designator="xacmlContext/Request/Resource/patientName" DataType="xs:string"/> </Condition> </Rule> ----------------------------------------- Tim Moses Tel: 613.270.3183