All geek questions in one place

XACML policy definition Resource attribute with wildcard parameter

How to define an XACML policy that checks for something like a table name, such as "EMPL%"

Should I use RegEx for this?

+4
source share
1 answer

There are several string functions that you could use.

In the XACML 3.0 specification ( http://docs.oasis-open.org/xacml/3.0/xacml-3.0-core-spec-cs-01-en.pdf ) you can use:

  • urn: oasis: names: dts: XACML: 3.0: Function: string ends-s
  • ballot boxes: oasis: names: dts: XACML: 3.0: Function: line-starts-with
  • urns: oasis: names: dts: XACML: 3.0: Function: string-contains
  • urn: oasis: names: dts: XACML: 1.0: Function: string-regular expression match

The latter is what you would like to use. See Section A.3.13 for more information. Regular expression based functions.

+2
source

Source: https://habr.com/ru/post/1398041/

More articles:


All Articles