Page History

...

ID	DataType	Source	In Request?	Notes
`urn:oasis:names:tc:xacml:1.0:subject:subject-id`	string	user principal	Yes
`urn:oasis:names:tc:xacml:1.0:subject:subject-id-qualifier`	string	TBD		name-space for the subject-id
`urn:oasis:names:tc:xacml:1.0:subject:request-time`		AuthZ delegate	Yes	time when this action was requested
`urn:oasis:names:tc:xacml:1.0:subject:session-start-time`		ModeShape session	Yes	time when Fedora transaction began
`urn:oasis:names:tc:xacml:2.0:subject:group`	string	all principals except user	Yes	extensible via Principal Factory
`urn:oasis:names:tc:xacml:2.0fcrepo-xacml:subject:-role`	string	effective access roles	Yes	Fedora access roles for this user/group† XACML Role-Based Access Control Profile
`urn:oasis:names:tc:xacml:1.0:subject:authn-locality:authentication-method`	string	TBD	Yes	what style of AuthN? (OAuth/Tomcat/Shibboleth)
~~`urn:oasis:names:tc:xacml:1.0:subject:authn-locality:ip-address`~~	~~string~~	~~TBD~~	~~Yes~~	address of authenticating agent: OAuth authorization server SSO server fedora server (tomcat users)
`urn:oasis:names:tc:xacml:1.0:subject:authn-locality:dns-name`	string	TBD	Yes	See above description of ip-address.

...

Page tree