Skip to main content

Conditions

Description

Condition represents a Boolean expression that refines the applicability of the rule beyond the predicates implied by its target.  Therefore, it may be absent.

 It is able to add one or more conditions.

Screen overview

 

Custom attributes

Condition name

Name to identify the condition.

Expression

BooleanIt expresionis a boolean expression that you can create, to start you need to select the the expression type. The other fields to fulfill depend on the expression type selected.

The following options are available:

Attribute value

  • Value
  • Data type

Resource

  • Attribute designator
    • Url
    • Soffid object
    • Account name
    • System name
    • Login name
    • Vault folder
    • Access level
  • Data type

Subject

  • Attribute designator
  • Data type

Action

  • Attribute designator
    • Method
  • Data type

Environment

  • Attribute designator
  • Data type

Attribute selector

  • Attribute selector
  • Data type

Variable

  • Variable

Function

  • Function type
  • Function
  • Data type

Function name

 

  • Value:Function type
  • Function
  • Data type: the data type depends on the expression type.

 

 

https://docs.oasis-open.org/xacml/2.0/access_control-xacml-2.0-core-spec-os.pdf

 

Back to top