Skip to main content

Expressions

Description

Condition represents a Boolean expression that refines the applicability of the rule beyond the predicates implied by its target.  Therefore, it may be absent.

It is able to add one or more conditions.

Custom attributes

Condition name

Name to identify the condition.

Expression

It is a boolean expression that you can create, to start you need to select the expression type. The other fields to fulfill depend on the expression type selected.

The following options are available:

Attribute value

  • Value
  • Data type

Resource

  • Attribute designator
    • Url
    • Soffid object
    • Account name
    • System name
    • Login name
    • Vault folder
    • Access level
  • Data type

Subject

  • Attribute designator
  • Data type

Action

  • Attribute designator
    • Method
  • Data type

Environment

  • Attribute designator
  • Data type

Attribute selector

  • Attribute selector
  • Data type

Variable

  • Variable

Function

  • Function type
  • Function
  • Data type

Function name

  • Function type
  • Function
  • Data type

 

https://docs.oasis-open.org/xacml/2.0/access_control-xacml-2.0-core-spec-os.pdf

 

Back to top