http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA013Request.xml ---------------------------------------------------------------------- diff --git a/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA013Request.xml b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA013Request.xml new file mode 100755 index 0000000..5377786 --- /dev/null +++ b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA013Request.xml @@ -0,0 +1,25 @@ +<?xml version="1.0" encoding="utf-8"?> +<Request xsi:schemaLocation="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17 http://docs.oasis-open.org/xacml/3.0/xacml-core-v3-schema-wd-17.xsd"; ReturnPolicyIdList="false" CombinedDecision="false" xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";> + <Attributes Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject"> + <Attribute IncludeInResult="false" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string";>Julius Hibbert</AttributeValue> + </Attribute> + <Attribute IncludeInResult="false" AttributeId="urn:oasis:names:tc:xacml:2.0:conformance-test:age"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer";>45</AttributeValue> + </Attribute> + <Attribute IncludeInResult="false" AttributeId="urn:oasis:names:tc:xacml:2.0:conformance-test:age"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer";>46</AttributeValue> + </Attribute> + </Attributes> + <Attributes Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <Attribute IncludeInResult="false" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI";>http://medico.com/record/patient/BartSimpson</AttributeValue> + </Attribute> + </Attributes> + <Attributes Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action"> + <Attribute IncludeInResult="false" AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string";>read</AttributeValue> + </Attribute> + </Attributes> + <Attributes Category="urn:oasis:names:tc:xacml:3.0:attribute-category:environment" /> +</Request>
http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA013Response.xml ---------------------------------------------------------------------- diff --git a/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA013Response.xml b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA013Response.xml new file mode 100755 index 0000000..a6b4661 --- /dev/null +++ b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA013Response.xml @@ -0,0 +1,14 @@ +<?xml version="1.0" encoding="UTF-8"?> +<Response + xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; + xsi:schemaLocation="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17 + http://docs.oasis-open.org/xacml/3.0/xacml-core-v3-schema-wd-17.xsd";> + <Result> + <Decision>Indeterminate</Decision> + <Status> + <StatusCode + Value="urn:oasis:names:tc:xacml:1.0:status:processing-error"/> + </Status> + </Result> +</Response> http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA014Policy.xml ---------------------------------------------------------------------- diff --git a/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA014Policy.xml b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA014Policy.xml new file mode 100755 index 0000000..e4427a2 --- /dev/null +++ b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA014Policy.xml @@ -0,0 +1,21 @@ +<?xml version="1.0" encoding="UTF-8" standalone="no"?> +<Policy xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; PolicyId="urn:oasis:names:tc:xacml:2.0:conformance-test:IIA1:policy" RuleCombiningAlgId="urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:deny-overrides" Version="1.0" xsi:schemaLocation="urn:oasis:names:tc:xacml:3.0:policy:schema:os access_control-xacml-2.0-policy-schema-os.xsd"> + <Description> + Policy for Conformance Test IIA014. + </Description> + <Target/> + <Rule Effect="Permit" RuleId="urn:oasis:names:tc:xacml:2.0:conformance-test:IIA1:rule"> + <Description> + Anyone who is 45 integer years old may perform any + action on any resource. + </Description> + <Condition> +<Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-equal"> + <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-one-and-only"> + <AttributeDesignator AttributeId="urn:oasis:names:tc:xacml:2.0:conformance-test:age" Category="urn:oasis:names:tc:xacml:1.0:subject-category:intermediary-subject" DataType="http://www.w3.org/2001/XMLSchema#integer"; MustBePresent="false"/> + </Apply> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer";>45</AttributeValue> +</Apply> + </Condition> + </Rule> +</Policy> http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA014Request.xml ---------------------------------------------------------------------- diff --git a/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA014Request.xml b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA014Request.xml new file mode 100755 index 0000000..8bff657 --- /dev/null +++ b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA014Request.xml @@ -0,0 +1,27 @@ +<?xml version="1.0" encoding="utf-8"?> +<Request xsi:schemaLocation="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17 http://docs.oasis-open.org/xacml/3.0/xacml-core-v3-schema-wd-17.xsd"; ReturnPolicyIdList="false" CombinedDecision="false" xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";> + <Attributes Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject"> + <Attribute IncludeInResult="false" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string";>Julius Hibbert</AttributeValue> + </Attribute> + <Attribute IncludeInResult="false" AttributeId="urn:oasis:names:tc:xacml:2.0:conformance-test:age"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer";>46</AttributeValue> + </Attribute> + </Attributes> + <Attributes Category="urn:oasis:names:tc:xacml:1.0:subject-category:intermediary-subject"> + <Attribute IncludeInResult="false" AttributeId="urn:oasis:names:tc:xacml:2.0:conformance-test:age"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer";>45</AttributeValue> + </Attribute> + </Attributes> + <Attributes Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <Attribute IncludeInResult="false" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI";>http://medico.com/record/patient/BartSimpson</AttributeValue> + </Attribute> + </Attributes> + <Attributes Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action"> + <Attribute IncludeInResult="false" AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string";>read</AttributeValue> + </Attribute> + </Attributes> + <Attributes Category="urn:oasis:names:tc:xacml:3.0:attribute-category:environment" /> +</Request> http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA014Response.xml ---------------------------------------------------------------------- diff --git a/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA014Response.xml b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA014Response.xml new file mode 100755 index 0000000..6d9d852 --- /dev/null +++ b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA014Response.xml @@ -0,0 +1,14 @@ +<?xml version="1.0" encoding="UTF-8"?> +<Response + xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; + xsi:schemaLocation="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17 + http://docs.oasis-open.org/xacml/3.0/xacml-core-v3-schema-wd-17.xsd";> + <Result> + <Decision>Permit</Decision> + <Status> + <StatusCode + Value="urn:oasis:names:tc:xacml:1.0:status:ok"/> + </Status> + </Result> +</Response> http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA015Policy.xml ---------------------------------------------------------------------- diff --git a/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA015Policy.xml b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA015Policy.xml new file mode 100755 index 0000000..b806c7c --- /dev/null +++ b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA015Policy.xml @@ -0,0 +1,22 @@ +<?xml version="1.0" encoding="UTF-8" standalone="no"?> +<Policy xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; PolicyId="urn:oasis:names:tc:xacml:2.0:conformance-test:IIA1:policy" RuleCombiningAlgId="urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:deny-overrides" Version="1.0" xsi:schemaLocation="urn:oasis:names:tc:xacml:3.0:policy:schema:os access_control-xacml-2.0-policy-schema-os.xsd"> + <Description> + Policy for Conformance Test IIA015. + </Description> + <Target/> + <Rule Effect="Permit" RuleId="urn:oasis:names:tc:xacml:2.0:conformance-test:IIA1:rule"> + <Description> + Anyone who is 45 integer years old may perform any + action on any resource. + </Description> + <Condition> +<Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-equal"> + <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-one-and-only"> + <AttributeDesignator AttributeId="urn:oasis:names:tc:xacml:2.0:conformance-test:age" Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" DataType="http://www.w3.org/2001/XMLSchema#integer"; MustBePresent="false"/> + </Apply> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer";>45</AttributeValue> + +</Apply> + </Condition> + </Rule> +</Policy> http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA015Request.xml ---------------------------------------------------------------------- diff --git a/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA015Request.xml b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA015Request.xml new file mode 100755 index 0000000..d2d52a6 --- /dev/null +++ b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA015Request.xml @@ -0,0 +1,30 @@ +<?xml version="1.0" encoding="utf-8"?> +<Request xsi:schemaLocation="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17 http://docs.oasis-open.org/xacml/3.0/xacml-core-v3-schema-wd-17.xsd"; ReturnPolicyIdList="false" CombinedDecision="false" xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";> + <Attributes Category="urn:oasis:names:tc:xacml:1.0:subject-category:intermediary-subject"> + <Attribute IncludeInResult="false" AttributeId="urn:oasis:names:tc:xacml:2.0:conformance-test:age"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer";>46</AttributeValue> + </Attribute> + </Attributes> + <Attributes Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject"> + <Attribute IncludeInResult="false" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string";>Julius Hibbert</AttributeValue> + </Attribute> + <Attribute IncludeInResult="false" AttributeId="urn:oasis:names:tc:xacml:2.0:conformance-test:age"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer";>45</AttributeValue> + </Attribute> + </Attributes> + <Attributes Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <Attribute IncludeInResult="false" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI";>http://medico.com/record/patient/BartSimpson</AttributeValue> + </Attribute> + </Attributes> + <Attributes Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action"> + <Attribute IncludeInResult="false" AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string";>read</AttributeValue> + </Attribute> + </Attributes> + <Attributes Category="urn:oasis:names:tc:xacml:3.0:attribute-category:environment" /> +</Request> + + + http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA015Response.xml ---------------------------------------------------------------------- diff --git a/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA015Response.xml b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA015Response.xml new file mode 100755 index 0000000..6d9d852 --- /dev/null +++ b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA015Response.xml @@ -0,0 +1,14 @@ +<?xml version="1.0" encoding="UTF-8"?> +<Response + xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; + xsi:schemaLocation="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17 + http://docs.oasis-open.org/xacml/3.0/xacml-core-v3-schema-wd-17.xsd";> + <Result> + <Decision>Permit</Decision> + <Status> + <StatusCode + Value="urn:oasis:names:tc:xacml:1.0:status:ok"/> + </Status> + </Result> +</Response> http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA016Policy.xml ---------------------------------------------------------------------- diff --git a/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA016Policy.xml b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA016Policy.xml new file mode 100755 index 0000000..d2d13a5 --- /dev/null +++ b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA016Policy.xml @@ -0,0 +1,21 @@ +<?xml version="1.0" encoding="UTF-8" standalone="no"?> +<Policy xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; PolicyId="urn:oasis:names:tc:xacml:2.0:conformance-test:IIA016:policy" RuleCombiningAlgId="urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:deny-overrides" Version="1.0" xsi:schemaLocation="urn:oasis:names:tc:xacml:3.0:policy:schema:os access_control-xacml-2.0-policy-schema-os.xsd"> + <Description> + Policy for Conformance Test IIA016. + </Description> + <Target/> + <Rule Effect="Permit" RuleId="urn:oasis:names:tc:xacml:2.0:conformance-test:IIA016:rule"> + <Description> + Anyone can perform any action on any resource if current-time + is 08:23:47-05:00. + </Description> + <Condition> +<Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:time-equal"> + <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:time-one-and-only"> + <AttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:environment:current-time" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:environment" DataType="http://www.w3.org/2001/XMLSchema#time"; MustBePresent="false"/> + </Apply> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#time";>08:23:47-05:00</AttributeValue> +</Apply> + </Condition> + </Rule> +</Policy> http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA016Request.xml ---------------------------------------------------------------------- diff --git a/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA016Request.xml b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA016Request.xml new file mode 100755 index 0000000..5b28be5 --- /dev/null +++ b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA016Request.xml @@ -0,0 +1,23 @@ +<?xml version="1.0" encoding="utf-8"?> +<Request xsi:schemaLocation="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17 http://docs.oasis-open.org/xacml/3.0/xacml-core-v3-schema-wd-17.xsd"; ReturnPolicyIdList="false" CombinedDecision="false" xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";> + <Attributes Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject"> + <Attribute IncludeInResult="false" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string";>Julius Hibbert</AttributeValue> + </Attribute> + </Attributes> + <Attributes Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <Attribute IncludeInResult="false" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI";>http://medico.com/record/patient/BartSimpson</AttributeValue> + </Attribute> + </Attributes> + <Attributes Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action"> + <Attribute IncludeInResult="false" AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string";>read</AttributeValue> + </Attribute> + </Attributes> + <Attributes Category="urn:oasis:names:tc:xacml:3.0:attribute-category:environment"> + <Attribute IncludeInResult="false" AttributeId="urn:oasis:names:tc:xacml:1.0:environment:current-time"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#time";>08:23:47-05:00</AttributeValue> + </Attribute> + </Attributes> +</Request> http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA016Response.xml ---------------------------------------------------------------------- diff --git a/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA016Response.xml b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA016Response.xml new file mode 100755 index 0000000..6d9d852 --- /dev/null +++ b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA016Response.xml @@ -0,0 +1,14 @@ +<?xml version="1.0" encoding="UTF-8"?> +<Response + xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; + xsi:schemaLocation="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17 + http://docs.oasis-open.org/xacml/3.0/xacml-core-v3-schema-wd-17.xsd";> + <Result> + <Decision>Permit</Decision> + <Status> + <StatusCode + Value="urn:oasis:names:tc:xacml:1.0:status:ok"/> + </Status> + </Result> +</Response> http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA017Policy.xml ---------------------------------------------------------------------- diff --git a/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA017Policy.xml b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA017Policy.xml new file mode 100755 index 0000000..525840a --- /dev/null +++ b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA017Policy.xml @@ -0,0 +1,22 @@ +<?xml version="1.0" encoding="UTF-8" standalone="no"?> +<Policy xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; PolicyId="urn:oasis:names:tc:xacml:2.0:conformance-test:IIA017:policy" RuleCombiningAlgId="urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:deny-overrides" Version="1.0" xsi:schemaLocation="urn:oasis:names:tc:xacml:3.0:policy:schema:os access_control-xacml-2.0-policy-schema-os.xsd"> + <Description> + Policy for Conformance Test IIA017. + </Description> + <Target/> + <Rule Effect="Permit" RuleId="urn:oasis:names:tc:xacml:2.0:conformance-test:IIA017:rule"> + <Description> + Anyone can perform any action on any resource if + there is a current-time attribute. + </Description> + <Condition> +<Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-equal"> + <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:time-bag-size"> + <AttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:environment:current-time" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:environment" DataType="http://www.w3.org/2001/XMLSchema#time"; MustBePresent="false"/> + </Apply> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer";>1</AttributeValue> + +</Apply> + </Condition> + </Rule> +</Policy> http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA017Request.xml ---------------------------------------------------------------------- diff --git a/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA017Request.xml b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA017Request.xml new file mode 100755 index 0000000..a1aa16f --- /dev/null +++ b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA017Request.xml @@ -0,0 +1,19 @@ +<?xml version="1.0" encoding="utf-8"?> +<Request xsi:schemaLocation="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17 http://docs.oasis-open.org/xacml/3.0/xacml-core-v3-schema-wd-17.xsd"; ReturnPolicyIdList="false" CombinedDecision="false" xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";> + <Attributes Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject"> + <Attribute IncludeInResult="false" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string";>Julius Hibbert</AttributeValue> + </Attribute> + </Attributes> + <Attributes Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <Attribute IncludeInResult="false" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI";>http://medico.com/record/patient/BartSimpson</AttributeValue> + </Attribute> + </Attributes> + <Attributes Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action"> + <Attribute IncludeInResult="false" AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string";>read</AttributeValue> + </Attribute> + </Attributes> + <Attributes Category="urn:oasis:names:tc:xacml:3.0:attribute-category:environment" /> +</Request> http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA017Response.xml ---------------------------------------------------------------------- diff --git a/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA017Response.xml b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA017Response.xml new file mode 100755 index 0000000..6d9d852 --- /dev/null +++ b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA017Response.xml @@ -0,0 +1,14 @@ +<?xml version="1.0" encoding="UTF-8"?> +<Response + xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; + xsi:schemaLocation="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17 + http://docs.oasis-open.org/xacml/3.0/xacml-core-v3-schema-wd-17.xsd";> + <Result> + <Decision>Permit</Decision> + <Status> + <StatusCode + Value="urn:oasis:names:tc:xacml:1.0:status:ok"/> + </Status> + </Result> +</Response> http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA018Policy.xml ---------------------------------------------------------------------- diff --git a/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA018Policy.xml b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA018Policy.xml new file mode 100755 index 0000000..881d110 --- /dev/null +++ b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA018Policy.xml @@ -0,0 +1,21 @@ +<?xml version="1.0" encoding="UTF-8" standalone="no"?> +<Policy xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; PolicyId="urn:oasis:names:tc:xacml:2.0:conformance-test:IIA018:policy" RuleCombiningAlgId="urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:deny-overrides" Version="1.0" xsi:schemaLocation="urn:oasis:names:tc:xacml:3.0:policy:schema:os access_control-xacml-2.0-policy-schema-os.xsd"> + <Description> + Policy for Conformance Test IIA018. + </Description> + <Target/> + <Rule Effect="Permit" RuleId="urn:oasis:names:tc:xacml:2.0:conformance-test:IIA018:rule"> + <Description> + Anyone can perform any action on any resource if current-time + is 05:23:47-05:00 + </Description> + <Condition> +<Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:date-equal"> + <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:date-one-and-only"> + <AttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:environment:current-date" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:environment" DataType="http://www.w3.org/2001/XMLSchema#date"; MustBePresent="false"/> + </Apply> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#date";>2002-03-22</AttributeValue> +</Apply> + </Condition> + </Rule> +</Policy> http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA018Request.xml ---------------------------------------------------------------------- diff --git a/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA018Request.xml b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA018Request.xml new file mode 100755 index 0000000..a32af1c --- /dev/null +++ b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA018Request.xml @@ -0,0 +1,23 @@ +<?xml version="1.0" encoding="utf-8"?> +<Request xsi:schemaLocation="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17 http://docs.oasis-open.org/xacml/3.0/xacml-core-v3-schema-wd-17.xsd"; ReturnPolicyIdList="false" CombinedDecision="false" xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";> + <Attributes Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject"> + <Attribute IncludeInResult="false" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string";>Julius Hibbert</AttributeValue> + </Attribute> + </Attributes> + <Attributes Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <Attribute IncludeInResult="false" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI";>http://medico.com/record/patient/BartSimpson</AttributeValue> + </Attribute> + </Attributes> + <Attributes Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action"> + <Attribute IncludeInResult="false" AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string";>read</AttributeValue> + </Attribute> + </Attributes> + <Attributes Category="urn:oasis:names:tc:xacml:3.0:attribute-category:environment"> + <Attribute IncludeInResult="false" AttributeId="urn:oasis:names:tc:xacml:1.0:environment:current-date"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#date";>2002-03-22</AttributeValue> + </Attribute> + </Attributes> +</Request> http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA018Response.xml ---------------------------------------------------------------------- diff --git a/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA018Response.xml b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA018Response.xml new file mode 100755 index 0000000..6d9d852 --- /dev/null +++ b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA018Response.xml @@ -0,0 +1,14 @@ +<?xml version="1.0" encoding="UTF-8"?> +<Response + xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; + xsi:schemaLocation="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17 + http://docs.oasis-open.org/xacml/3.0/xacml-core-v3-schema-wd-17.xsd";> + <Result> + <Decision>Permit</Decision> + <Status> + <StatusCode + Value="urn:oasis:names:tc:xacml:1.0:status:ok"/> + </Status> + </Result> +</Response> http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA019Policy.xml ---------------------------------------------------------------------- diff --git a/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA019Policy.xml b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA019Policy.xml new file mode 100755 index 0000000..0ef653b --- /dev/null +++ b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA019Policy.xml @@ -0,0 +1,21 @@ +<?xml version="1.0" encoding="UTF-8" standalone="no"?> +<Policy xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; PolicyId="urn:oasis:names:tc:xacml:2.0:conformance-test:IIA019:policy" RuleCombiningAlgId="urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:deny-overrides" Version="1.0" xsi:schemaLocation="urn:oasis:names:tc:xacml:3.0:policy:schema:os access_control-xacml-2.0-policy-schema-os.xsd"> + <Description> + Policy for Conformance Test IIA019. + </Description> + <Target/> + <Rule Effect="Permit" RuleId="urn:oasis:names:tc:xacml:2.0:conformance-test:IIA019:rule"> + <Description> + Anyone can perform any action on any resource if + there is a current-time attribute. + </Description> + <Condition> +<Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-equal"> + <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:date-bag-size"> + <AttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:environment:current-date" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:environment" DataType="http://www.w3.org/2001/XMLSchema#date"; MustBePresent="false"/> + </Apply> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer";>1</AttributeValue> +</Apply> + </Condition> + </Rule> +</Policy> http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA019Request.xml ---------------------------------------------------------------------- diff --git a/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA019Request.xml b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA019Request.xml new file mode 100755 index 0000000..a1aa16f --- /dev/null +++ b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA019Request.xml @@ -0,0 +1,19 @@ +<?xml version="1.0" encoding="utf-8"?> +<Request xsi:schemaLocation="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17 http://docs.oasis-open.org/xacml/3.0/xacml-core-v3-schema-wd-17.xsd"; ReturnPolicyIdList="false" CombinedDecision="false" xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";> + <Attributes Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject"> + <Attribute IncludeInResult="false" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string";>Julius Hibbert</AttributeValue> + </Attribute> + </Attributes> + <Attributes Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <Attribute IncludeInResult="false" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI";>http://medico.com/record/patient/BartSimpson</AttributeValue> + </Attribute> + </Attributes> + <Attributes Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action"> + <Attribute IncludeInResult="false" AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string";>read</AttributeValue> + </Attribute> + </Attributes> + <Attributes Category="urn:oasis:names:tc:xacml:3.0:attribute-category:environment" /> +</Request> http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA019Response.xml ---------------------------------------------------------------------- diff --git a/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA019Response.xml b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA019Response.xml new file mode 100755 index 0000000..6d9d852 --- /dev/null +++ b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA019Response.xml @@ -0,0 +1,14 @@ +<?xml version="1.0" encoding="UTF-8"?> +<Response + xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; + xsi:schemaLocation="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17 + http://docs.oasis-open.org/xacml/3.0/xacml-core-v3-schema-wd-17.xsd";> + <Result> + <Decision>Permit</Decision> + <Status> + <StatusCode + Value="urn:oasis:names:tc:xacml:1.0:status:ok"/> + </Status> + </Result> +</Response> http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA020Policy.xml ---------------------------------------------------------------------- diff --git a/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA020Policy.xml b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA020Policy.xml new file mode 100755 index 0000000..557a945 --- /dev/null +++ b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA020Policy.xml @@ -0,0 +1,21 @@ +<?xml version="1.0" encoding="UTF-8" standalone="no"?> +<Policy xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; PolicyId="urn:oasis:names:tc:xacml:2.0:conformance-test:IIA020:policy" RuleCombiningAlgId="urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:deny-overrides" Version="1.0" xsi:schemaLocation="urn:oasis:names:tc:xacml:3.0:policy:schema:os access_control-xacml-2.0-policy-schema-os.xsd"> + <Description> + Policy for Conformance Test IIA020. + </Description> + <Target/> + <Rule Effect="Permit" RuleId="urn:oasis:names:tc:xacml:2.0:conformance-test:IIA020:rule"> + <Description> + Anyone can perform any action on any resource if current-time + is 05:23:47-05:00 + </Description> + <Condition> +<Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:dateTime-equal"> + <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:dateTime-one-and-only"> + <AttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:environment:current-dateTime" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:environment" DataType="http://www.w3.org/2001/XMLSchema#dateTime"; MustBePresent="false"/> + </Apply> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#dateTime";>2002-03-22T08:23:47-05:00</AttributeValue> +</Apply> + </Condition> + </Rule> +</Policy> http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA020Request.xml ---------------------------------------------------------------------- diff --git a/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA020Request.xml b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA020Request.xml new file mode 100755 index 0000000..0569ea9 --- /dev/null +++ b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA020Request.xml @@ -0,0 +1,23 @@ +<?xml version="1.0" encoding="utf-8"?> +<Request xsi:schemaLocation="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17 http://docs.oasis-open.org/xacml/3.0/xacml-core-v3-schema-wd-17.xsd"; ReturnPolicyIdList="false" CombinedDecision="false" xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";> + <Attributes Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject"> + <Attribute IncludeInResult="false" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string";>Julius Hibbert</AttributeValue> + </Attribute> + </Attributes> + <Attributes Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <Attribute IncludeInResult="false" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI";>http://medico.com/record/patient/BartSimpson</AttributeValue> + </Attribute> + </Attributes> + <Attributes Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action"> + <Attribute IncludeInResult="false" AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string";>read</AttributeValue> + </Attribute> + </Attributes> + <Attributes Category="urn:oasis:names:tc:xacml:3.0:attribute-category:environment"> + <Attribute IncludeInResult="false" AttributeId="urn:oasis:names:tc:xacml:1.0:environment:current-dateTime"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#dateTime";>2002-03-22T08:23:47-05:00</AttributeValue> + </Attribute> + </Attributes> +</Request> http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA020Response.xml ---------------------------------------------------------------------- diff --git a/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA020Response.xml b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA020Response.xml new file mode 100755 index 0000000..6d9d852 --- /dev/null +++ b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA020Response.xml @@ -0,0 +1,14 @@ +<?xml version="1.0" encoding="UTF-8"?> +<Response + xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; + xsi:schemaLocation="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17 + http://docs.oasis-open.org/xacml/3.0/xacml-core-v3-schema-wd-17.xsd";> + <Result> + <Decision>Permit</Decision> + <Status> + <StatusCode + Value="urn:oasis:names:tc:xacml:1.0:status:ok"/> + </Status> + </Result> +</Response> http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA021Policy.xml ---------------------------------------------------------------------- diff --git a/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA021Policy.xml b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA021Policy.xml new file mode 100755 index 0000000..653ef54 --- /dev/null +++ b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA021Policy.xml @@ -0,0 +1,21 @@ +<?xml version="1.0" encoding="UTF-8" standalone="no"?> +<Policy xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; PolicyId="urn:oasis:names:tc:xacml:2.0:conformance-test:IIA021:policy" RuleCombiningAlgId="urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:deny-overrides" Version="1.0" xsi:schemaLocation="urn:oasis:names:tc:xacml:3.0:policy:schema:os access_control-xacml-2.0-policy-schema-os.xsd"> + <Description> + Policy for Conformance Test IIA021. + </Description> + <Target/> + <Rule Effect="Permit" RuleId="urn:oasis:names:tc:xacml:2.0:conformance-test:IIA021:rule"> + <Description> + Anyone can perform any action on any resource if + there is a current-time attribute. + </Description> + <Condition> +<Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-equal"> + <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:dateTime-bag-size"> + <AttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:environment:current-dateTime" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:environment" DataType="http://www.w3.org/2001/XMLSchema#dateTime"; MustBePresent="false"/> + </Apply> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer";>1</AttributeValue> +</Apply> + </Condition> + </Rule> +</Policy> http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA021Request.xml ---------------------------------------------------------------------- diff --git a/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA021Request.xml b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA021Request.xml new file mode 100755 index 0000000..a1aa16f --- /dev/null +++ b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA021Request.xml @@ -0,0 +1,19 @@ +<?xml version="1.0" encoding="utf-8"?> +<Request xsi:schemaLocation="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17 http://docs.oasis-open.org/xacml/3.0/xacml-core-v3-schema-wd-17.xsd"; ReturnPolicyIdList="false" CombinedDecision="false" xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";> + <Attributes Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject"> + <Attribute IncludeInResult="false" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string";>Julius Hibbert</AttributeValue> + </Attribute> + </Attributes> + <Attributes Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <Attribute IncludeInResult="false" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI";>http://medico.com/record/patient/BartSimpson</AttributeValue> + </Attribute> + </Attributes> + <Attributes Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action"> + <Attribute IncludeInResult="false" AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string";>read</AttributeValue> + </Attribute> + </Attributes> + <Attributes Category="urn:oasis:names:tc:xacml:3.0:attribute-category:environment" /> +</Request> http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA021Response.xml ---------------------------------------------------------------------- diff --git a/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA021Response.xml b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA021Response.xml new file mode 100755 index 0000000..6d9d852 --- /dev/null +++ b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA021Response.xml @@ -0,0 +1,14 @@ +<?xml version="1.0" encoding="UTF-8"?> +<Response + xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; + xsi:schemaLocation="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17 + http://docs.oasis-open.org/xacml/3.0/xacml-core-v3-schema-wd-17.xsd";> + <Result> + <Decision>Permit</Decision> + <Status> + <StatusCode + Value="urn:oasis:names:tc:xacml:1.0:status:ok"/> + </Status> + </Result> +</Response> http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA022Policy.xml ---------------------------------------------------------------------- diff --git a/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA022Policy.xml b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA022Policy.xml new file mode 100755 index 0000000..fae94a0 --- /dev/null +++ b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA022Policy.xml @@ -0,0 +1,45 @@ +<?xml version="1.0" encoding="UTF-8" standalone="no"?> +<Policy xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; PolicyId="urn:oasis:names:tc:xacml:2.0:conformance-test:IIA022:policy" RuleCombiningAlgId="urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:deny-overrides" Version="1.0" xsi:schemaLocation="urn:oasis:names:tc:xacml:3.0:policy:schema:os access_control-xacml-2.0-policy-schema-os.xsd"> + <Description> + Policy for Conformance Test IIA022. + Purpose: Test that all DataTypes with IncludeInResult=true show up in result. + </Description> + <Target/> + <Rule Effect="Permit" RuleId="urn:oasis:names:tc:xacml:2.0:conformance-test:IIA1:rule"> + <Description> + Julius Hibbert can read or write Bart Simpson's medical record. + </Description> + <Target> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string";>Julius Hibbert</AttributeValue> + <AttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" DataType="http://www.w3.org/2001/XMLSchema#string"; MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:anyURI-equal"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI";>http://medico.com/record/patient/BartSimpson</AttributeValue> + <AttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" DataType="http://www.w3.org/2001/XMLSchema#anyURI"; MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string";>read</AttributeValue> + <AttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" DataType="http://www.w3.org/2001/XMLSchema#string"; MustBePresent="false"/> + </Match> + </AllOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string";>write</AttributeValue> + <AttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" DataType="http://www.w3.org/2001/XMLSchema#string"; MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + </Target> + </Rule> +</Policy> http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA022Request.xml ---------------------------------------------------------------------- diff --git a/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA022Request.xml b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA022Request.xml new file mode 100755 index 0000000..63f07c6 --- /dev/null +++ b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA022Request.xml @@ -0,0 +1,124 @@ +<?xml version="1.0" encoding="utf-8"?> +<Request xsi:schemaLocation="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17 http://docs.oasis-open.org/xacml/3.0/xacml-core-v3-schema-wd-17.xsd"; xmlns:md="http://www.medico.com/schemas/record"; ReturnPolicyIdList="false" CombinedDecision="false" xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";> + <Attributes Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject"> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" Issuer="ConformanceTester"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string";>Julius Hibbert</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-string" Issuer="ConformanceTester"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string";>Julius Hibbert as string</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-boolean" Issuer="ConformanceTester"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#boolean";>true</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-integer" Issuer="ConformanceTester"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer";>56</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-double" Issuer="ConformanceTester"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#double";>27.50</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-date" Issuer="ConformanceTester"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#date";>2002-03-22</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-dateTime" Issuer="ConformanceTester"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#dateTime";>2002-03-22T08:23:47-05:00</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-dayTimeDuration" Issuer="ConformanceTester"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#dayTimeDuration";>P50DT5H4M3S</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-yearMonthDuration" Issuer="ConformanceTester"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#yearMonthDuration";>-P5Y3M</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-hexBinary" Issuer="ConformanceTester"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#hexBinary";>0BF7A9876CDE</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-rfc822Name" Issuer="ConformanceTester"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#base64Binary";>c3VyZS4=</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-rfc822Name" Issuer="ConformanceTester"> + <AttributeValue DataType="urn:oasis:names:tc:xacml:1.0:data-type:rfc822Name">[email protected]</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-x500Name" Issuer="ConformanceTester"> + <AttributeValue DataType="urn:oasis:names:tc:xacml:1.0:data-type:x500Name">cn=Julius Hibbert, o=Medi Corporation, c=US</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-ipAddress" Issuer="ConformanceTester"> + <AttributeValue DataType="urn:oasis:names:tc:xacml:2.0:data-type:ipAddress">122.45.38.245/255.255.255.64:8080</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-dnsName" Issuer="ConformanceTester"> + <AttributeValue DataType="urn:oasis:names:tc:xacml:2.0:data-type:dnsName">some.host.name:147-874</AttributeValue> + </Attribute> + </Attributes> + <Attributes Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <Content> + <md:records> + <md:record> + <md:patient_info> + <md:name>Bart Simpson</md:name> + <md:age>60</md:age> + <md:sex>male</md:sex> + <md:health_insurance>123456</md:health_insurance> + </md:patient_info> + <md:diagnosis_info> + <md:diagnosis> + <md:item type="primary">Gastric Cancer</md:item> + <md:item type="secondary">Hyper tension</md:item> + </md:diagnosis> + <md:pathological_diagnosis> + <md:diagnosis> + <md:item type="primary">Well differentiated adeno carcinoma</md:item> + </md:diagnosis> + <md:date>2000-10-05</md:date> + <md:malignancy type="yes"/> + </md:pathological_diagnosis> + </md:diagnosis_info> + </md:record> + <md:record> + <md:patient_info> + <md:name>Homer Simpson</md:name> + <md:age>80</md:age> + <md:sex>male</md:sex> + <md:health_insurance>123456</md:health_insurance> + </md:patient_info> + <md:diagnosis_info> + <md:diagnosis> + <md:item type="primary">Gastric Cancer</md:item> + <md:item type="secondary">Hyper tension</md:item> + </md:diagnosis> + <md:pathological_diagnosis> + <md:diagnosis> + <md:item type="primary">Well differentiated adeno carcinoma</md:item> + </md:diagnosis> + <md:date>2000-10-05</md:date> + <md:malignancy type="yes"/> + </md:pathological_diagnosis> + </md:diagnosis_info> + </md:record> + </md:records> + </Content> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:xpathExpression" Issuer="ConformanceTester"> + <AttributeValue DataType="urn:oasis:names:tc:xacml:3.0:data-type:xpathExpression" + XPathCategory="urn:oasis:names:tc:xacml:3.0:attribute-category:resource">//md:records/md:record</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" Issuer="ConformanceTester"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI";>http://medico.com/record/patient/BartSimpson</AttributeValue> + </Attribute> + </Attributes> + <Attributes Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action"> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" Issuer="ConformanceTester"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string";>read</AttributeValue> + </Attribute> + </Attributes> + <Attributes Category="urn:oasis:names:tc:xacml:3.0:attribute-category:environment"> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:environment:current-time" Issuer="ConformanceTester"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#time";>08:23:47-05:00</AttributeValue> + </Attribute> + </Attributes> +</Request> + + + + + + + + + http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA022Response.json ---------------------------------------------------------------------- diff --git a/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA022Response.json b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA022Response.json new file mode 100755 index 0000000..9a483bd --- /dev/null +++ b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA022Response.json @@ -0,0 +1,127 @@ +{ + "Response" : [ { + "Status" : { + "StatusCode" : { + "Value" : "urn:oasis:names:tc:xacml:1.0:status:ok" + } + }, + "Category" : [ { + "CategoryId" : "urn:oasis:names:tc:xacml:1.0:subject-category:access-subject", + "Attribute" : [ { + "Issuer" : "ConformanceTester", + "Value" : "Julius Hibbert", + "DataType" : "string", + "AttributeId" : "urn:oasis:names:tc:xacml:1.0:subject:subject-id" + }, { + "Issuer" : "ConformanceTester", + "Value" : "Julius Hibbert as string", + "DataType" : "string", + "AttributeId" : "urn:oasis:names:tc:xacml:1.0:subject:subject-string" + }, { + "Issuer" : "ConformanceTester", + "Value" : true, + "DataType" : "boolean", + "AttributeId" : "urn:oasis:names:tc:xacml:1.0:subject:subject-boolean" + }, { + "Issuer" : "ConformanceTester", + "Value" : 56, + "DataType" : "integer", + "AttributeId" : "urn:oasis:names:tc:xacml:1.0:subject:subject-integer" + }, { + "Issuer" : "ConformanceTester", + "Value" : 27.5, + "DataType" : "double", + "AttributeId" : "urn:oasis:names:tc:xacml:1.0:subject:subject-double" + }, { + "Issuer" : "ConformanceTester", + "Value" : "2002-03-22", + "DataType" : "date", + "AttributeId" : "urn:oasis:names:tc:xacml:1.0:subject:subject-date" + }, { + "Issuer" : "ConformanceTester", + "Value" : "2002-03-22T08:23:47-05:00", + "DataType" : "dateTime", + "AttributeId" : "urn:oasis:names:tc:xacml:1.0:subject:subject-dateTime" + }, { + "Issuer" : "ConformanceTester", + "Value" : "P50DT5H4M3S", + "DataType" : "dayTimeDuration", + "AttributeId" : "urn:oasis:names:tc:xacml:1.0:subject:subject-dayTimeDuration" + }, { + "Issuer" : "ConformanceTester", + "Value" : "-P5Y3M", + "DataType" : "yearMonthDuration", + "AttributeId" : "urn:oasis:names:tc:xacml:1.0:subject:subject-yearMonthDuration" + }, { + "Issuer" : "ConformanceTester", + "Value" : "0bf7a9876cde", + "DataType" : "hexBinary", + "AttributeId" : "urn:oasis:names:tc:xacml:1.0:subject:subject-hexBinary" + }, { + "Issuer" : "ConformanceTester", + "Value" : "c3VyZS4=", + "DataType" : "base64Binary", + "AttributeId" : "urn:oasis:names:tc:xacml:1.0:subject:subject-rfc822Name" + }, { + "Issuer" : "ConformanceTester", + "Value" : "[email protected]", + "DataType" : "rfc822Name", + "AttributeId" : "urn:oasis:names:tc:xacml:1.0:subject:subject-rfc822Name" + }, { + "Issuer" : "ConformanceTester", + "Value" : "CN=Julius Hibbert, O=Medi Corporation, C=US", + "DataType" : "x500Name", + "AttributeId" : "urn:oasis:names:tc:xacml:1.0:subject:subject-x500Name" + }, { + "Issuer" : "ConformanceTester", + "Value" : "122.45.38.245/255.255.255.64:8080-8080", + "DataType" : "ipAddress", + "AttributeId" : "urn:oasis:names:tc:xacml:1.0:subject:subject-ipAddress" + }, { + "Issuer" : "ConformanceTester", + "Value" : "some.host.name:147-874", + "DataType" : "dnsName", + "AttributeId" : "urn:oasis:names:tc:xacml:1.0:subject:subject-dnsName" + } ] + }, { + "CategoryId" : "urn:oasis:names:tc:xacml:3.0:attribute-category:resource", + "Attribute" : [ { + "Issuer" : "ConformanceTester", + "Value" : { + "Namespaces" : [ { + "Namespace" : "urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" + }, { + "Namespace" : "http://www.w3.org/2001/XMLSchema-instance";, + "Prefix" : "xsi" + } ], + "XPathCategory" : "urn:oasis:names:tc:xacml:3.0:attribute-category:resource", + "XPath" : "//md:records/md:record" + }, + "DataType" : "xpathExpression", + "AttributeId" : "urn:oasis:names:tc:xacml:1.0:resource:xpathExpression" + }, { + "Issuer" : "ConformanceTester", + "Value" : "http://medico.com/record/patient/BartSimpson";, + "DataType" : "anyURI", + "AttributeId" : "urn:oasis:names:tc:xacml:1.0:resource:resource-id" + } ] + }, { + "CategoryId" : "urn:oasis:names:tc:xacml:3.0:attribute-category:action", + "Attribute" : [ { + "Issuer" : "ConformanceTester", + "Value" : "read", + "DataType" : "string", + "AttributeId" : "urn:oasis:names:tc:xacml:1.0:action:action-id" + } ] + }, { + "CategoryId" : "urn:oasis:names:tc:xacml:3.0:attribute-category:environment", + "Attribute" : [ { + "Issuer" : "ConformanceTester", + "Value" : "08:23:47-05:00", + "DataType" : "time", + "AttributeId" : "urn:oasis:names:tc:xacml:1.0:environment:current-time" + } ] + } ], + "Decision" : "Permit" + } ] +} http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA022Response.xml ---------------------------------------------------------------------- diff --git a/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA022Response.xml b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA022Response.xml new file mode 100755 index 0000000..203f0dc --- /dev/null +++ b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA022Response.xml @@ -0,0 +1,81 @@ +<?xml version="1.0" encoding="UTF-8"?> +<Response + xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; + xsi:schemaLocation="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17 + http://docs.oasis-open.org/xacml/3.0/xacml-core-v3-schema-wd-17.xsd";> + <Result> + <Decision>Permit</Decision> + <Status> + <StatusCode + Value="urn:oasis:names:tc:xacml:1.0:status:ok"/> + </Status> + <Attributes Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject"> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" Issuer="ConformanceTester"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string";>Julius Hibbert</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-string" Issuer="ConformanceTester"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string";>Julius Hibbert as string</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-boolean" Issuer="ConformanceTester"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#boolean";>true</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-integer" Issuer="ConformanceTester"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer";>56</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-double" Issuer="ConformanceTester"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#double";>27.50</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-date" Issuer="ConformanceTester"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#date";>2002-03-22</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-dateTime" Issuer="ConformanceTester"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#dateTime";>2002-03-22T08:23:47-05:00</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-dayTimeDuration" Issuer="ConformanceTester"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#dayTimeDuration";>P50DT5H4M3S</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-yearMonthDuration" Issuer="ConformanceTester"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#yearMonthDuration";>-P5Y3M</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-hexBinary" Issuer="ConformanceTester"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#hexBinary";>0BF7A9876CDE</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-rfc822Name" Issuer="ConformanceTester"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#base64Binary";>c3VyZS4=</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-rfc822Name" Issuer="ConformanceTester"> + <AttributeValue DataType="urn:oasis:names:tc:xacml:1.0:data-type:rfc822Name">[email protected]</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-x500Name" Issuer="ConformanceTester"> + <AttributeValue DataType="urn:oasis:names:tc:xacml:1.0:data-type:x500Name">cn=Julius Hibbert, o=Medi Corporation, c=US</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-ipAddress" Issuer="ConformanceTester"> + <AttributeValue DataType="urn:oasis:names:tc:xacml:2.0:data-type:ipAddress">122.45.38.245/255.255.255.64:8080</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-dnsName" Issuer="ConformanceTester"> + <AttributeValue DataType="urn:oasis:names:tc:xacml:2.0:data-type:dnsName">some.host.name:147-874</AttributeValue> + </Attribute> + </Attributes> + <Attributes Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:xpathExpression" Issuer="ConformanceTester"> + <AttributeValue DataType="urn:oasis:names:tc:xacml:3.0:data-type:xpathExpression" + XPathCategory="urn:oasis:names:tc:xacml:3.0:attribute-category:resource">//md:records/md:record</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" Issuer="ConformanceTester"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI";>http://medico.com/record/patient/BartSimpson</AttributeValue> + </Attribute> + </Attributes> + <Attributes Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action"> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" Issuer="ConformanceTester"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string";>read</AttributeValue> + </Attribute> + </Attributes> + <Attributes Category="urn:oasis:names:tc:xacml:3.0:attribute-category:environment"> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:environment:current-time" Issuer="ConformanceTester"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#time";>08:23:47-05:00</AttributeValue> + </Attribute> + </Attributes> + </Result> + +</Response> http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA023Policy.xml ---------------------------------------------------------------------- diff --git a/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA023Policy.xml b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA023Policy.xml new file mode 100755 index 0000000..18f5f61 --- /dev/null +++ b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA023Policy.xml @@ -0,0 +1,46 @@ +<?xml version="1.0" encoding="UTF-8" standalone="no"?> +<Policy xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; PolicyId="urn:oasis:names:tc:xacml:2.0:conformance-test:IIA023:policy" RuleCombiningAlgId="urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:deny-overrides" Version="1.0" xsi:schemaLocation="urn:oasis:names:tc:xacml:3.0:policy:schema:os access_control-xacml-2.0-policy-schema-os.xsd"> + <Description> + Policy for Conformance Test IIA023. + Purpose: Test that all DataTypes as Arrays (same Category, AttributeId, Issuer, DataType) with IncludeInResult=true show up in result. + ALSO test that selection works with array of values. + </Description> + <Target/> + <Rule Effect="Permit" RuleId="urn:oasis:names:tc:xacml:2.0:conformance-test:IIA1:rule"> + <Description> + Julius Hibbert can read or write Bart Simpson's medical record. + </Description> + <Target> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string";>Julius Hibbert</AttributeValue> + <AttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" DataType="http://www.w3.org/2001/XMLSchema#string"; MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:anyURI-equal"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI";>http://medico.com/record/patient/BartSimpson</AttributeValue> + <AttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" DataType="http://www.w3.org/2001/XMLSchema#anyURI"; MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string";>read</AttributeValue> + <AttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" DataType="http://www.w3.org/2001/XMLSchema#string"; MustBePresent="false"/> + </Match> + </AllOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string";>write</AttributeValue> + <AttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" DataType="http://www.w3.org/2001/XMLSchema#string"; MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + </Target> + </Rule> +</Policy> http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA023Request.xml ---------------------------------------------------------------------- diff --git a/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA023Request.xml b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA023Request.xml new file mode 100755 index 0000000..b255db4 --- /dev/null +++ b/openaz-xacml-test/testsets/conformance/xacml3.0-ct-v.0.4/IIA023Request.xml @@ -0,0 +1,180 @@ +<?xml version="1.0" encoding="utf-8"?> +<Request xsi:schemaLocation="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17 http://docs.oasis-open.org/xacml/3.0/xacml-core-v3-schema-wd-17.xsd"; xmlns:md="http://www.medico.com/schemas/record"; ReturnPolicyIdList="false" CombinedDecision="false" xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";> + <Attributes Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject"> + + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" Issuer="ConformanceTester"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string";>Julius Hibbert as string</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" Issuer="ConformanceTester"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string";>test string</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" Issuer="ConformanceTester"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string";>Julius Hibbert</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-boolean" Issuer="ConformanceTester"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#boolean";>true</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-boolean" Issuer="ConformanceTester"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#boolean";>false</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-integer" Issuer="ConformanceTester"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer";>56</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-integer" Issuer="ConformanceTester"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer";>12</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-double" Issuer="ConformanceTester"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#double";>27.50</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-double" Issuer="ConformanceTester"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#double";>73985.34256</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-date" Issuer="ConformanceTester"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#date";>2002-03-22</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-date" Issuer="ConformanceTester"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#date";>1256-11-11</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-dateTime" Issuer="ConformanceTester"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#dateTime";>2002-03-22T08:23:47-05:00</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-dateTime" Issuer="ConformanceTester"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#dateTime";>1056-11-05T19:08:12-14:30</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-dayTimeDuration" Issuer="ConformanceTester"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#dayTimeDuration";>P50DT5H4M3S</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-dayTimeDuration" Issuer="ConformanceTester"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#dayTimeDuration";>P12DT148H18M21S</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-yearMonthDuration" Issuer="ConformanceTester"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#yearMonthDuration";>-P5Y3M</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-yearMonthDuration" Issuer="ConformanceTester"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#yearMonthDuration";>-P28Y7M</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-hexBinary" Issuer="ConformanceTester"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#hexBinary";>0BF7A9876CDE</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-hexBinary" Issuer="ConformanceTester"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#hexBinary";>0FB8</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-rfc822Name" Issuer="ConformanceTester"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#base64Binary";>c3VyZS4=</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-rfc822Name" Issuer="ConformanceTester"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#base64Binary";>YXN1cmUu</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-rfc822Name" Issuer="ConformanceTester"> + <AttributeValue DataType="urn:oasis:names:tc:xacml:1.0:data-type:rfc822Name">[email protected]</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-rfc822Name" Issuer="ConformanceTester"> + <AttributeValue DataType="urn:oasis:names:tc:xacml:1.0:data-type:rfc822Name">c_clown@NOSE_MEDICO.COM</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-x500Name" Issuer="ConformanceTester"> + <AttributeValue DataType="urn:oasis:names:tc:xacml:1.0:data-type:x500Name">cn=Julius Hibbert, o=Medi Corporation, c=US</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-x500Name" Issuer="ConformanceTester"> + <AttributeValue DataType="urn:oasis:names:tc:xacml:1.0:data-type:x500Name">cn=Crusty Clown, o=Red Nose Corporation, c=US</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-ipAddress" Issuer="ConformanceTester"> + <AttributeValue DataType="urn:oasis:names:tc:xacml:2.0:data-type:ipAddress">122.45.38.245/255.255.255.64:8080</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-ipAddress" Issuer="ConformanceTester"> + <AttributeValue DataType="urn:oasis:names:tc:xacml:2.0:data-type:ipAddress">35.123.111.56/255.64.32.255:9999</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-dnsName" Issuer="ConformanceTester"> + <AttributeValue DataType="urn:oasis:names:tc:xacml:2.0:data-type:dnsName">some.host.name:147-874</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-dnsName" Issuer="ConformanceTester"> + <AttributeValue DataType="urn:oasis:names:tc:xacml:2.0:data-type:dnsName">a.different.host:-45</AttributeValue> + </Attribute> + </Attributes> + <Attributes Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <Content> + <md:records> + <md:record> + <md:patient_info> + <md:name>Bart Simpson</md:name> + <md:age>60</md:age> + <md:sex>male</md:sex> + <md:health_insurance>123456</md:health_insurance> + </md:patient_info> + <md:diagnosis_info> + <md:diagnosis> + <md:item type="primary">Gastric Cancer</md:item> + <md:item type="secondary">Hyper tension</md:item> + </md:diagnosis> + <md:pathological_diagnosis> + <md:diagnosis> + <md:item type="primary">Well differentiated adeno carcinoma</md:item> + </md:diagnosis> + <md:date>2000-10-05</md:date> + <md:malignancy type="yes"/> + </md:pathological_diagnosis> + </md:diagnosis_info> + </md:record> + <md:record> + <md:patient_info> + <md:name>Homer Simpson</md:name> + <md:age>80</md:age> + <md:sex>male</md:sex> + <md:health_insurance>123456</md:health_insurance> + </md:patient_info> + <md:diagnosis_info> + <md:diagnosis> + <md:item type="primary">Gastric Cancer</md:item> + <md:item type="secondary">Hyper tension</md:item> + </md:diagnosis> + <md:pathological_diagnosis> + <md:diagnosis> + <md:item type="primary">Well differentiated adeno carcinoma</md:item> + </md:diagnosis> + <md:date>2000-10-05</md:date> + <md:malignancy type="yes"/> + </md:pathological_diagnosis> + </md:diagnosis_info> + </md:record> + </md:records> + </Content> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:xpathExpression" Issuer="ConformanceTester"> + <AttributeValue DataType="urn:oasis:names:tc:xacml:3.0:data-type:xpathExpression" + XPathCategory="urn:oasis:names:tc:xacml:3.0:attribute-category:resource">//md:records/md:record</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:xpathExpression" Issuer="ConformanceTester"> + <AttributeValue DataType="urn:oasis:names:tc:xacml:3.0:data-type:xpathExpression" + XPathCategory="urn:oasis:names:tc:xacml:3.0:attribute-category:resource">//md:records/md:diagnosis_info</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" Issuer="ConformanceTester"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI";>http://medico.com/record/patient/BartSimpson</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" Issuer="ConformanceTester"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI";>http://medico.com/record/patient/HomerSimpson</AttributeValue> + </Attribute> + </Attributes> + <Attributes Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action"> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" Issuer="ConformanceTester"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string";>read</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" Issuer="ConformanceTester"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string";>write</AttributeValue> + </Attribute> + </Attributes> + <Attributes Category="urn:oasis:names:tc:xacml:3.0:attribute-category:environment"> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:environment:current-time" Issuer="ConformanceTester"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#time";>08:23:47-05:00</AttributeValue> + </Attribute> + <Attribute IncludeInResult="true" AttributeId="urn:oasis:names:tc:xacml:1.0:environment:current-time" Issuer="ConformanceTester"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#time";>22:12:10-24:53</AttributeValue> + </Attribute> + </Attributes> +</Request> + + + + + + + + +
