OASIS eXtensible Access Control Markup Language (XACML) TC

RE: [glossary] 'no subject'

  • 1.  RE: [glossary] 'no subject'

    Posted 10-08-2001 09:34
    I agree that the "subject" of an authorization action need not be a user -
    and did not read the SAML definition to restrict in this way (the example
    clause was illustrative not restrictive). Nonetheless, we should clear up
    the definition so that there is no question that we can use attributes to
    identify the subject rather than assuming that identity is the sole
    determinant.
    
    - joe