xacml:PolicySet
Element information
Namespace: urn:oasis:names:tc:xacml:3.0:core:schema:wd-17
Schema document: xacml-core-v3-schema-wd-17.xsd
Type: xacml:PolicySetType
Properties: Global, Qualified
Content
- Sequence [1..1]
- xacml:Description [0..1]
- xacml:PolicyIssuer [0..1]
- xacml:PolicySetDefaults [0..1]
- xacml:Target [1..1]
- Choice [0..*]
- xacml:ObligationExpressions [0..1]
- xacml:AdviceExpressions [0..1]
Attributes
| Name | Occ | Type | Description | Notes |
|---|---|---|---|---|
| PolicySetId | [1..1] | xsd:anyURI | ||
| Version | [1..1] | xacml:VersionType | ||
| PolicyCombiningAlgId | [1..1] | xsd:anyURI | ||
| MaxDelegationDepth | [0..1] | xsd:integer |
Used in
- Type xacml:PolicySetType (Element xacml:PolicySet)
Sample instance
<PolicySet PolicySetId="urn:oasis:names:tc:xacml:3.0:example:policysetid:1" Version="1.0" PolicyCombiningAlgId="urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:deny-overrides"> <Description> Example policy set. </Description> <Target> <AnyOf> <AllOf> <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">urn:example:med:schema:records</AttributeValue> <AttributeDesignator MustBePresent="false" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="urn:oasis:names:tc:xacml:2.0:resource:target-namespace" DataType="http://www.w3.org/2001/XMLSchema#string"/> </Match> </AllOf> </AnyOf> </Target> <PolicyIdReference> urn:oasis:names:tc:xacml:3.0:example:policyid:3 </PolicyIdReference> <Policy PolicyId="urn:oasis:names:tc:xacml:3.0:example:policyid:2" RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides" Version="1.0"> <Target/> <Rule RuleId="urn:oasis:names:tc:xacml:3.0:example:ruleid:1" Effect="Permit"/> <Rule RuleId="urn:oasis:names:tc:xacml:3.0:example:ruleid:2" Effect="Permit"/> <Rule RuleId="urn:oasis:names:tc:xacml:3.0:example:ruleid:4" Effect="Deny"/> </Policy> </PolicySet>