Difference between revisions of "IdentityCondition"

From GreenVulcano Wiki
Jump to: navigation, search
Line 18: Line 18:
 
==ACL==
 
==ACL==
  
This element defines a resource [http://en.wikipedia.org/wiki/Access_control_list ACL] (Access Control List). It is used by elements [[DefaultRes]], [[IdentityCondition]], [[ServiceRes]].
+
This element defines a resource [http://en.wikipedia.org/wiki/Access_control_list ACL] (Access Control List). It is used by elements [[GVPolicy#DefaultRes|DefaultRes]], [[IdentityCondition]], [[GVPolicy#ServiceRes|ServiceRes]].
  
 
Might contain more elements [[#RoleRef|RoleRef]].
 
Might contain more elements [[#RoleRef|RoleRef]].

Revision as of 11:36, 21 March 2012

This feature allows you to specify a condition on the roles of the Principal invoking the service.

The following table shows the IdentityCondition attributes:

Attribute Type Description
type fixed This attribute must assume the value condition
class fixed This attribute must assume the value it.greenvulcano.gvesb.identity.condition.IdentityCondition
condition required This attribute defines the name of the condition. Unique inside the 'Conditions' element.

Its subelements are:

ACL

This element defines a resource ACL (Access Control List). It is used by elements DefaultRes, IdentityCondition, ServiceRes.

Might contain more elements RoleRef.

RoleRef

Element RoleRef defines an ACL role reference. Its attributes are:

Attribute Type Description
name required Role name

The name must be defined in GVPolicy, the GreenVulcano® ESB ACL Policy framework.