Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: fix links

...

AttributeDescription
urn:mace:projectbamboo.org:attribute:1.0:app-idRepresents the Application Identifier that would be passed by the application making the request (cf. Maintaining Application Catalog Data for Trusted Clients). This attribute is passed by trusted client applications in an HTTP request header called X-Bamboo-AppID; see the Client Responsibilities... section of any service contract listed on the page Service APIs - Centrally-Hosted Bamboo Services.
urn:oasis:names:tc:xacml:1.0:subject:subject-idRepresents the Subject Identifier that would be passed by the application making the request (subject identifiers are passed by trusted client applications in an HTTP request header called X-Bamboo-BPID; see the Client Responsibilities... section of any service contract listed on the page Service APIs - Centrally-Hosted Bamboo Services )
urn:oasis:names:tc:xacml:1.0:resource:resource-idRepresents the resource that is the object of the request
urn:oasis:names:tc:xacml:1.0:action:action-idRESTful actions that can be performed as part of a request (a.k.a. "HTTP verbs"). The allowed actions are: GET, PUT, POST, and DELETE.
urn:mace:projectbamboo.org:attribute:1.0:group-has-view-access-rightsRepresents a group that is associated (via the Protected Resource service) with a protected resource, such that users who are members of the group have view access rights to the resource (cf. Group Service Contract Description - v0.9-alpha)
urn:mace:projectbamboo.org:attribute:1.0:group-has-update-access-rightsRepresents a group that is associated (via the Protected Resource service) with a protected resource, such that users who are members of the group have update access rights to the resource (cf. Group Service Contract Description - v0.9-alpha).
urn:mace:dir:attribute-def:isMemberOfRepresents the Identifier of a group to which the subject (user) belongs (cf. Group Service Contract Description - v0.9-alpha).
urn:mace:projectbamboo.org:attribute:1.0:scopedRoleRepresents an assertion that the user has some role within a domain. "Scoped roles" are passed by trusted client applications in an HTTP request header called X-Bamboo-Roles; see the Client Responsibilities... section of any service contract listed on the page Service APIs - Centrally-Hosted Bamboo Services . A "scoped role" is formatted as an RFC822 Name consisting of a local-part followed by "@" followed by a domain-part, e.g., unspecified@berkeley.edu.
urn:mace:projectbamboo.org:attribute:1.0:scoped-role-has-view-access-rightsRepresents a "scoped role" that is associated (via the Protected Resource service) with a protected resource, such that users who hold the scoped role has view access rights to the resource. Cf. description of urn:mace:projectbamboo.org:attribute:1.0:scopedRole for additional context and formatting information.
urn:mace:projectbamboo.org:attribute:1.0:scoped-role-has-update-access-rightsRepresents a "scoped role" that is associated (via the Protected Resource service) with a protected resource, such that users who hold the scoped role has update access rights to the resource. Cf. description of urn:mace:projectbamboo.org:attribute:1.0:scopedRole for additional context and formatting information.
urn:oasis:names:tc:xacml:1.0:subject:request-timeIndicates the time at which the subject initiated the access request.
urn:mace:projectbamboo.org:attribute:1.0:host-nameRepresents the name of the server that will provision the request
urn:oasis:names:tc:xacml:1.0:environment:current-dateTimeRepresents the time at the server that will provision the request
urn:mace:projectbamboo.org:attribute:1.0:app-contract-typeRepresents the Contract Type that would be passed by the application making the request, where "contract type" refers to contractual relationships in the Bamboo Trust Federation, such as "Trusted Application" or "Innovation Licensed Application." Cf. Maintaining Application Catalog Data for Trusted Clients.

...