Expressions

Description

The Expression signifies that an element that extends the ExpressionType and is a member of the Expression substitution group shall appear in its place. The Expression is not used directly in a policy. 

Standard attributes

The attributes depend on the Expression type selected.

EXPRESSION TYPE OTHER FIELDS DATA TYPE
Attribute value Value: alfanumeric field Available data types.
Resource Attribute designator
  • URL
  • Soffid object
  • Account name
  • System name
  • Login name
  • Vault folder
  • Access level
 Available data types.
Subject

Attribute designator

  • User
  • User attributes
  • Account
  • System
  • Role
  • Group
  • Primary Group
  • IP Address
 Available data types.
Action

Attribute designator

  • method
 Available data types.
Environment

Attribute designator

  • Country

  • Current Time

  • Current Date

  • Current DateTime

 Available data types.
Attribute selector Attribute selector: alphanumeric field Available data types.
Variable Variable: alfanumeric field --
Function

Function type:

  • Comparison
  • Arithmetic
  • Conversions
  • Date conversions
  • Boolean Operators
  • String Functions
  • Set Functions
  • Bag Functions
  • HigherOrderBagFunctions
  • XPath
 Available data types.
Function name

Function type:

  • Comparison
  • Arithmetic
  • Conversions
  • Date conversions
  • Boolean Operators
  • String Functions
  • Set Functions
  • Bag Functions
  • HigherOrderBagFunctions
  • XPath

Function: the value depends on the function type selected.

 Available data types.

Data Type

Available data types



https://docs.oasis-open.org/xacml/2.0/access_control-xacml-2.0-core-spec-os.pdf


Revision #20
Created 28 July 2021 10:44:24 by pgarcia@soffid.com
Updated 25 September 2023 11:05:04 by pgarcia@soffid.com