<?xml version="1.0" encoding="UTF-8"?> | |
<!-- | |
Licensed to the Apache Software Foundation (ASF) under one or more | |
contributor license agreements. See the NOTICE file distributed with | |
this work for additional information regarding copyright ownership. | |
The ASF licenses this file to You under the Apache License, Version 2.0 | |
(the "License"); you may not use this file except in compliance with | |
the License. You may obtain a copy of the License at | |
http://www.apache.org/licenses/LICENSE-2.0 | |
Unless required by applicable law or agreed to in writing, software | |
distributed under the License is distributed on an "AS IS" BASIS, | |
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
See the License for the specific language governing permissions and | |
limitations under the License. | |
--> | |
<Policy | |
xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" | |
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | |
xsi:schemaLocation="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17 | |
http://docs.oasis-open.org/xacml/3.0/xacml-core-v3-schema-wd-17.xsd" | |
PolicyId="urn:oasis:names:tc:xacml:3.0:example:SimplePolicy1" | |
Version="1.0" | |
RuleCombiningAlgId="identifier:rule-combining-algorithm:deny-overrides"> | |
<Description> | |
Medi Corp access control policy | |
</Description> | |
<Target/> | |
<Rule | |
RuleId= "urn:oasis:names:tc:xacml:3.0:example:SimpleRule1" | |
Effect="Permit"> | |
<Description> | |
Any subject with an e-mail name in the med.example.com domain | |
can perform any action on any resource. | |
</Description> | |
<Target> | |
<AnyOf> | |
<AllOf> | |
<Match | |
MatchId="urn:oasis:names:tc:xacml:1.0:function:rfc822Name-match"> | |
<AttributeValue | |
DataType="http://www.w3.org/2001/XMLSchema#string" | |
>med.example.com</AttributeValue> | |
<AttributeDesignator | |
MustBePresent="false" | |
Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" | |
AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" | |
DataType="urn:oasis:names:tc:xacml:1.0:data-type:rfc822Name"/> | |
</Match> | |
</AllOf> | |
</AnyOf> | |
</Target> | |
</Rule> | |
</Policy> |