x1143-AppIII-Example message access control policy.xml: <a href="/ITU-T/recommendations/fl.aspx?id=9285" target="

-- XML schema extracted from ITU-T X.1143 (11/2007)

<?xml version="1.0" encoding="UTF-8"?>
<Policy xmlns="urn:oasis:names:tc:xacml:2.0:policy:schema:os" 
   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
   xsi:schemaLocation="urn:oasis:names:tc:xacml:2.0:policy:schema:os 
   http://www.itu.int/ITU-T/formal-language/xml/database/itu-t/x/x1142/2006/x1142-AnnD.2%20XACML%20policy%20schema.xsd"
   PolicyId="urn:oasis:names:tc:example:Ex1" 
   RuleCombiningAlgId="identifier:rule-combining-algorithm:deny-overrides">
<Description>
      	Example message access control policy
    </Description>
<Target/>
<Rule RuleId="urn:oasis:names:tc:xacml:2.0:example:Ex1" Effect="Permit">
	   <Description>
   			Only administrator can Reboot the system
  	   </Description>
	   <Target>
		  <Subjects>
			<Subject>
				<SubjectMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
				  <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">
               			administrator
      			  </AttributeValue>
				  <SubjectAttributeDesignator 				    AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id"	DataType="http://www.w3.org/2001/XMLSchema#string"/>
				</SubjectMatch>
			</Subject>
		  </Subjects>
	   	  <Resources>
			<Resource>			
			    <ResourceMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:anyURI-equal">
            	  <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI">
					    http://localhost:8080/services/Reboot
				  </AttributeValue>
            	  <ResourceAttributeDesignator				DataType="http://www.w3.org/2001/XMLSchema#anyURI"                                       	AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id"/>
           		</ResourceMatch>
		    </Resource>
	 	  </Resources>
	   </Target>
	 </Rule>
</Policy>