Expressions

Description

The Expression signifies that an element that extends the ExpressionType and is a member of the Expression substitution group shall appear in its place. The Expression is not used directly in a policy. 

Standard attributes

The attributes depends on the Expression type selected.

EXPRESSION TYPE OTHER FIELDS DATA TYPE
Attribute value Value: alfanumeric field Available data types.
Resource Attribute designator
  • URL
  • Soffid object
  • Account name
  • System name
  • Login name
  • Vault folder
  • Access level
Available data types.
Subject

Attribute designator

  • User
  • User attributes
  • Account
  • System
  • Role
  • Group
  • Primary Gorup
  • IP Address
Available data types.
Action

Attribute designator

  • method
Available data types.
Environment

Attribute designator

  • Country
  • Current Time

  • Current Date

  • Current DateTime

Available data types.
Attribute selector Attribute selector: alfanumeric field Available data types.
Variable Variable: alfanumeric field --
Function

Function type:

  • Comparison
  • Atithmetic
  • Conversions
  • Boolean Operators
  • String Functions
  • Set Functions
  • Bag Functions
  • HigherOrderBagFunctions
  • XPath
Available data types.
Function name

Function type:

  • Comparison
  • Atithmetic
  • Conversions
  • Boolean Operators
  • String Functions
  • Set Functions
  • Bag Functions
  • HigherOrderBagFunctions
  • XPath

Function: the value depends on the function type selected.

Available data types.

Data Type

Available data types

 

 


https://docs.oasis-open.org/xacml/2.0/access_control-xacml-2.0-core-spec-os.pdf

 


Revision #19
Created 28 July 2021 10:44:24 by pgarcia@soffid.com
Updated 6 August 2021 09:20:13 by pgarcia@soffid.com