Hi Daniel, You will need to implement an XACML attribute finder module that retrieves a given object parent(s) probably via the RI-search interface or directly using the Trippi interface.
XACML architecture allows for these plugins, you just have to implement it :-) -chi -- Dr Chi Nguyen RAMP Project Manager & AAF Technical Advisor ACES/Macquarie E-Learning Center of Excellence MACQUARIE UNIVERSITY NSW 2109 Phone: +61 (0)2 9850 4140 Fax: +61 (0)2 9850 6527 http://www.melcoe.mq.edu.au CRICOS Provider No 00002J This message is intended for the addressee named and may contain confidential information. If you are not the intended recipient, please delete it and notify the sender. Views expressed in this message are those of the individual sender, and are not necessarily the views of ACES/Macquarie E-Learning Center of Excellence or Macquarie University. Daniel Mancusi wrote: > Hello, > > > > I have been trying to determine the best way to set XACML security > policies for objects which belong to a particular collection, as defined > in their RELS-EXT datastreams. Unless I am missing something, there > doesn't seem to be a way to directly determine the collection an object > belongs to via XACML. The best idea I have come up with is to assign a > special Content Model to all objects that I want to be access-restricted, > and target this specific content model in an XACML policy that denies > access to non-authenticated users. > > > > Has anyone dealt with a similar issue? Any insight would be appreciated. > > > > I should mention we are currently using Fedora 2.2.1, but will likely > upgrade to 3.0 in the future (And if there is a better solution in 3.0, I > can try to make the "future" happen very quickly!) > > > > Thanks for the help, > > ------------------------------------------------ > > Daniel Mancusi > > Digital Projects Technologist > > Library and Information Technology > > Bucknell University > > (570)577-1046 > > ------------------------------------------------ > > > > > > > ------------------------------------------------------------------------ > > ------------------------------------------------------------------------- > This SF.Net email is sponsored by the Moblin Your Move Developer's challenge > Build the coolest Linux based applications with Moblin SDK & win great prizes > Grand prize is a trip for two to an Open Source event anywhere in the world > http://moblin-contest.org/redirect.php?banner_id=100&url=/ > > > ------------------------------------------------------------------------ > > _______________________________________________ > Fedora-commons-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/fedora-commons-users
smime.p7s
Description: S/MIME Cryptographic Signature
------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________ Fedora-commons-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fedora-commons-users
