Obligations
Description
XACML defines obligations as actions that have to be returned to the PEP with the PDP response XACML .
If the PDP's evaluation is viewed as a tree of rules, policy sets and policies, each of which returns "Permit" or "Deny", then the set of obligations returned by the PDP to the PEP will include only the obligations associated with those paths where the effect at each level of evaluation is the same as the effect being returned by the PDP.
Screen Overview
Add Obligation
Related objects
Standard attributes
- Obligation:
- urn:soffid:obligation:otp
- urn:soffid:obligation:message
- urn:soffid:obligation:bpm
- urn:soffid:obligation:session-recording
- urn:soffid:obligation:notify-owner
- Full fill on:
- Permit
- Deny
- Attribute:
- text: message that will be showed.
- process: process that will be launched.
- timeout: period of time the otp code will be valid for.
- Value: the value of the attribute.
| OBLIGATION | ATTRIBUTE |
| urn:soffid:obligation:otp | timeout |
| urn:soffid:obligation:message | text |
| urn:soffid:obligation:bpm | process |
Actions
|
Add new |
Allows you to add a new obligation to the obligations list. To add a new obligation you need to click the add button, located at the end of the header and fulfill the form and save the data. |
|
Delete |
Allows you to delete an obligation to the obligations list. To delete the obligation, you need to click the obligation you want to delete and click the button with the subtraction symbol (-) at the end of the record. To perform that action, Soffid will ask you for confirmation, you could confirm or cancel the operation. |
|
Close |
Allows you to save the data of a new variable or to update the data of a specific variable. To save the data it will be mandatory to fill in the required fields |
|
Undo |
Allows you to quit without applying any changes. |
http://www.oasis-open.org/committees/xacml/