Re: [sunxacml-discuss] SubjectAttributeDesignator question
Brought to you by:
farrukh_najmi,
sethp
Menu
▾
▴
Re: [sunxacml-discuss] SubjectAttributeDesignator question
|
From: Seth P. <set...@su...> - 2006-01-24 22:25:02
|
Hi Dan.
On Tue, Jan 24, 2006 at 05:08:42PM -0500, Lanz, Dan wrote:
> How does one programmatically access the xml attributes of the
> SubjectAttributeDesignator element? The SubjectAttributeDesignator is
> a subelement of the SubjectMatch element in an xacml policy target, as
> shown in the policy fragment below:
Just FYI, AttributeDesignators are also used in Conditions and (in XACML 2.0)
VariableDefinitions. You probably know this, but I just wanted to clarify..
> [...]
> The subject attribute value is available from an EvaluationCtx by
> calling (as an example):
> getSubjectAttribute(new
> URI(com.sun.xacml.attr.X500NameAttribute.identifier), new
> URI("urn:oasis:names:tc:xacml:1.0:subject:subject-id"), new
> URI("urn:oasis:names:tc:xacml:1.0:subject-category:access-subject"))
Right, but that's a Subject value from a Request, not a Policy. The thing
you're looking for is the member of a Policy. You have to look at the
fields of the right policy (in this case the Target of the Policy) to
find the AttributeDesignator.
Are you trying to do this from a particular point in extension code (eg, from
a finder module), or is this from a custom system you're building? If you
give me a better sense of what you're trying to do I'm happy to help you
figure out what you need.
seth
|
