XACL Example



From: http://www.trl.ibm.co.jp/projects/xml/doccont/xacl_e.htm

Context:

A policy example. 

Conceptually, our XML document consists of two parts: contents and policy. Here is a simple
example of bid submission document. The policy written in XACL contains three rules: 

  1.Alice has read and write privilege on the contents element. 
  2.Bob has only read privilege on the contents element. 
  3.By default, other users have no privilege on the contents element. 

<document>

                              <contents id="contents">
                                <userInfo id="section1">
                                  <date>Oct. 8, 1999</date>
                                  <name>Kudo</date>
                                </userInfo>
                                <bidInfo id="section2">
                                  <price currency="USD">150</price>
                                  <brand name="VISA"/>
                                </bidInfo>
                              </contents>

                              <policy>
                              <xacl>
                                <object href="id(contents)"/>
                                <rule id="rule1">
                                  <acl>
                                    <subject><uid>Alice</uid></subject>
                                    <privilege type="read" sign="+"/>
                                    <privilege type="write" sign="+"/> 
                                  </acl>
                                </rule>
                                <rule id="rule2">
                                  <acl>
                                    <subject><uid>Bob</uid></subject>
                                    <privilege type="read" sign="+"/>
                                  </acl>
                                </rule>
                                <rule id="rule3">
                                  <acl>
                                    <subject></subject>
                                    <privilege type="read" sign="-"/>
                                    <privilege type="write" sign="-"/>
                                  </acl>
                                </rule>
                              </xacl>
                              </policy>

                              </document> 

Prepared by Robin Cover for The XML Cover Pages archive.