Thanks for the replies.  Adding policies to the collection objects and
referencing them in the member objects is an excellent idea and should
solve my problem.  Thanks!

 

------------------------------------------------

Daniel Mancusi

Digital Projects Technologist

Library and Information Technology

Bucknell University

(570)577-1046

------------------------------------------------

  _____  

From: Glen Robson [mailto:[EMAIL PROTECTED] 
Sent: Friday, September 12, 2008 10:00 AM
To: Daniel Mancusi
Cc: 'fedora-commons'
Subject: Re: [Fedora-commons-users] XACML Policy for Collections

 

Hi,

 

We are dealing with a similar issue where we want to be able to author
rights at the collection level. To do this we have created a redirected
POLICY datastream in the child object to point to a datastream in the
Parent object which contains the XACML. So the collection object would
look like:


Collection Object
-----------------------
DC datastream
RDF datastream
CHILD_POLICY datastream

Child
-------
DC datastream
RDF datastream
POLICY datastream (of type External pointing to parent CHILD_POLICY datastream).


We are using Fedora 2.2.3.

 

Thanks

 

Glen Robson

DAMS Implementation Manager

National Library of Wales

 

On 11 Sep 2008, at 15:35, Daniel Mancusi wrote:





Hello,

 

I have been trying to determine the best way to set XACML security
policies for objects which belong to a particular collection, as defined
in their RELS-EXT datastreams.  Unless I am missing something, there
doesn't seem to be a way to directly determine the collection an object
belongs to via XACML.  The best idea I have come up with is to assign a
special Content Model to all objects that I want to be access-restricted,
and target this specific content model in an XACML policy that denies
access to non-authenticated users.

 

Has anyone dealt with a similar issue?  Any insight would be appreciated.

 

I should mention we are currently using Fedora 2.2.1, but will likely
upgrade to 3.0 in the future (And if there is a better solution in 3.0, I
can try to make the "future" happen very quickly!)

 

Thanks for the help,

------------------------------------------------

Daniel Mancusi

Digital Projects Technologist

Library and Information Technology

Bucknell University

(570)577-1046

------------------------------------------------

Fedora-commons-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fedora-commons-users
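
A check for the layout Glen describes, as an added example that is not part of the original thread: it reads a child object's FOXML export and confirms that its POLICY datastream is a reference to the CHILD_POLICY datastream of the collection named in RELS-EXT. The `isMemberOfCollection` predicate, the `/get/<pid>/CHILD_POLICY` URL form, the `demo:` PIDs and the sample FOXML are assumptions made for the example.

```python
import xml.etree.ElementTree as ET

FOXML = "{info:fedora/fedora-system:def/foxml#}"
REL = "{info:fedora/fedora-system:def/relations-external#}"
RDF = "{http://www.w3.org/1999/02/22-rdf-syntax-ns#}"

def audit_child(foxml_text):
    """Return a list of findings for one child object's FOXML (empty = OK)."""
    root = ET.fromstring(foxml_text)
    streams = {d.get("ID"): d for d in root.iter(FOXML + "datastream")}
    # Collection membership from RELS-EXT (predicate name is an assumption).
    parents = [e.get(RDF + "resource", "").replace("info:fedora/", "")
               for e in root.iter(REL + "isMemberOfCollection")]
    if not parents:
        return ["no isMemberOfCollection relationship in RELS-EXT"]
    policy = streams.get("POLICY")
    if policy is None:
        return ["no POLICY datastream: collection policy is not applied"]
    findings = []
    # E = external reference, R = redirect. An X or M datastream is a local
    # copy that no longer follows edits to the collection's CHILD_POLICY.
    if policy.get("CONTROL_GROUP") not in ("E", "R"):
        findings.append("POLICY is stored locally, not a reference")
    locs = policy.findall(f"{FOXML}datastreamVersion/{FOXML}contentLocation")
    ref = locs[-1].get("REF", "") if locs else ""  # last version listed
    if not any(ref.endswith(f"/get/{p}/CHILD_POLICY") for p in parents):
        findings.append(f"POLICY points at {ref!r}, not the parent's CHILD_POLICY")
    return findings

def sample(group, ref):  # constructed sample FOXML, not a repository export
    return f"""<foxml:digitalObject PID="demo:child1"
  xmlns:foxml="info:fedora/fedora-system:def/foxml#"
  xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
  xmlns:rel="info:fedora/fedora-system:def/relations-external#">
 <foxml:datastream ID="RELS-EXT" CONTROL_GROUP="X">
  <foxml:datastreamVersion ID="RELS-EXT.0"><foxml:xmlContent><rdf:RDF>
   <rdf:Description rdf:about="info:fedora/demo:child1">
    <rel:isMemberOfCollection rdf:resource="info:fedora/demo:coll1"/>
   </rdf:Description></rdf:RDF></foxml:xmlContent></foxml:datastreamVersion>
 </foxml:datastream>
 <foxml:datastream ID="POLICY" CONTROL_GROUP="{group}">
  <foxml:datastreamVersion ID="POLICY.0">
   <foxml:contentLocation TYPE="URL" REF="{ref}"/>
  </foxml:datastreamVersion></foxml:datastream>
</foxml:digitalObject>"""

if __name__ == "__main__":
    base = "http://localhost:8080/fedora/get/"  # constructed host
    print(audit_child(sample("E", base + "demo:coll1/CHILD_POLICY")))
    print(audit_child(sample("E", base + "demo:other/CHILD_POLICY")))
```

Run over every member of a collection, this catches children whose POLICY was never set, was replaced by a local copy, or still points at a different collection after a move.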