13 messages in org.oasis-open.lists.xacmlRe: [xacml] apr15 schema subcom issues| From | Sent On | Attachments |
|---|---|---|
| Simon Godik | Apr 16, 2002 10:19 am | |
| Anne Anderson | Apr 16, 2002 11:16 am | |
| Tim Moses | Apr 16, 2002 2:39 pm | |
| ernesto damiani | Apr 17, 2002 9:06 am | |
| Anne Anderson | Apr 17, 2002 9:39 am | |
| Beznosov, Konstantin | Apr 17, 2002 4:39 pm | |
| Anne Anderson | Apr 18, 2002 6:50 am | |
| bill parducci | Apr 18, 2002 8:09 am | |
| Anne Anderson | Apr 19, 2002 11:57 am | |
| ernesto damiani | Apr 29, 2002 2:21 am | |
| Michiharu Kudoh | Apr 29, 2002 4:47 am | |
| Michiharu Kudoh | Apr 29, 2002 4:57 am |  .pdf, .doc |
| Pierangela Samarati | Apr 29, 2002 5:28 am |
| Subject: | Re: [xacml] apr15 schema subcom issues | |
|---|---|---|
| From: | Anne Anderson (Anne...@Sun.com) | |
| Date: | Apr 16, 2002 11:16:13 am | |
| List: | org.oasis-open.lists.xacml | |
On 16 April, Simon Godik writes: [xacml] apr15 schema subcom issues
1. Investigate graphical schema representation with xml spy (Simon) Ann suggested including graphical representation of the schema in the core text.
Correction: I did not intend to suggest including it in the core text. I merely requested that someone in the TC with access to a good graphical representation tool post a graphical representation when new schema versions come out.
Additional issue from the April 15 2002 schema subcom:
5. Will XACML extensibility be handled via extension schemas, or will the XACML base functions include a mechanism for locating extensions?
For example, if I want to define a new predicate to compare dates expressed in the Mayan calendar format, do I
a) define an extension schema xmlns:mayan="http://http://research.sun.com/people/anderson/mayan.xsd" that defines
<xs:element name="MayanDateMatch" type="xacml:CompareType" substitutionGroup="xacml:predicate"/>
then use <MayanDateMatch> <saml:AttributeDesignator>...</saml:AttributeDesignator> <saml:AttributeDesignator>...</saml:AttributeDesignator> </MayanDate
in my policy, or
b) make use of built-in XACML extensible predicate element, and use in my policy:
<Operator OperatorName="MayanDateMatch" OperatorNamespace="http://research.sun.com/people/anderson/"> <saml:AttributeDesignator>....</saml:AttributeDesignator> <string>"tzolkin=2 Etznab, haab=11 Pop"</string> </Operator>
where the base XACML specification defines something like:
<xs:element name="Operator" type="xacml:ExtensiblePredicateType" substitutionGroup="xacml:predicate"/>
<xs:complexType name="ExtensiblePredicateType"> <xs:complexContent> <xs:extension base="xacml:PredicateAbstractType"> <xs:choice minOccurs="1"> <xs:element ref="saml:AttributeDesignator"/> <xs:element ref="saml:Attribute"/> <xs:element ref="xacml:attributeFunction"/> <xs:string/> </xs:choice> <xs:attribute name="OperatorName" type="xs:anyURI" use="required"/> <xs:attribute name="OperatorNamespace" type="xs:anyURI" use="required"/> </xs:complexContent> </xs:complexType>
Anne
-- Anne H. Anderson Email: Anne...@Sun.COM Sun Microsystems Laboratories 1 Network Drive,UBUR02-311 Tel: 781/442-0928 Burlington, MA 01803-0902 USA Fax: 781/442-1692