[jboss-jira] [JBoss JIRA] Closed: (SECURITY-523) XACML Subject, Action, Resource and Environment should use List rather than Set

Anil Saldhana (JIRA) jira-events at lists.jboss.org
Mon Aug 30 20:56:11 EDT 2010 

     [ https://jira.jboss.org/browse/SECURITY-523?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Anil Saldhana closed SECURITY-523.
----------------------------------

    Resolution: Done


> XACML Subject, Action, Resource and Environment should use List rather than Set
> -------------------------------------------------------------------------------
>
>                 Key: SECURITY-523
>                 URL: https://jira.jboss.org/browse/SECURITY-523
>             Project: PicketBox (JBoss Security and Identity Management)
>          Issue Type: Bug
>      Security Level: Public(Everyone can see) 
>          Components: jboss-sunxacml
>            Reporter: Anil Saldhana
>            Assignee: Anil Saldhana
>
> List can hold duplicates where as set cannot.
> XACML spec has the bag functionality such as the following request:
> ===============
> <?xml version="1.0" encoding="UTF-8"?>
> <Request  
>     xmlns="urn:oasis:names:tc:xacml:2.0:context:schema:os" 
>     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
>     xsi:schemaLocation=" urn:oasis:names:tc:xacml:2.0:context:schema:os 
>       http://docs.oasis-open.org/xacml/access_control-xacml-2.0-context-schema-os.xsd">
>     <Subject>
>         <Attribute
>               AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id"
>               DataType="http://www.w3.org/2001/XMLSchema#string">
>             <AttributeValue>Julius Hibbert</AttributeValue>
>         </Attribute>
>         <Attribute
>               AttributeId="urn:oasis:names:tc:xacml:1.0:conformance-test:test-attr"
>               DataType="http://www.w3.org/2001/XMLSchema#string">
>             <AttributeValue
>                   DataType="http://www.w3.org/2001/XMLSchema#string">   This  is IT!  </AttributeValue>
>         </Attribute>
>         <Attribute
>               AttributeId="urn:oasis:names:tc:xacml:1.0:conformance-test:test-attr"
>               DataType="http://www.w3.org/2001/XMLSchema#string">
>             <AttributeValue
>                   DataType="http://www.w3.org/2001/XMLSchema#string">   This  is IT!  </AttributeValue>
>         </Attribute>
>     </Subject>
>     <Resource>
>         <Attribute
>               AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id"
>               DataType="http://www.w3.org/2001/XMLSchema#anyURI">
>             <AttributeValue>http://medico.com/record/patient/BartSimpson</AttributeValue>
>         </Attribute>
>     </Resource>
>     <Action>
>         <Attribute
>               AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id"
>               DataType="http://www.w3.org/2001/XMLSchema#string">
>             <AttributeValue>read</AttributeValue>
>         </Attribute>
>     </Action>
> </Request>
> =================
> So if you add hashcode/equals as in SECURITY-522,  you will see that the subject attributes will not be 3 but rather just 2.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list