Version: 1.1

XML Parser sample configuration

In this example, the source is embedded as dynamic, base64-encoded XML content that decodes to <users><alice><role>manager</role></alice></users>. The attribute connector is configured to extract values from the source using the XPath expression /users/##1##/role/text(). The value for the parameter ##1## comes from the attribute pip.username.

Finally, the extracted values are provided to the connector host in the attribute pip.role.

XML
JSON
YAML

<?xml version="1.0" encoding="UTF-8"?>
<configuration xmlns="http://www.axiomatics.com/attributeconnector/parser/xml/configuration"
  identifier="xml-parser">
  <source encoded="true">
    <xacmlAttribute AttributeId="pip.payload"
      Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject"
      DataType="http://www.w3.org/2001/XMLSchema#string"/>
  </source>
  <mapping>
    <xacmlAttribute AttributeId="pip.role"
      Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject"
      DataType="http://www.w3.org/2001/XMLSchema#string"/>
    <xPath>/users/##1##/role/text()</xPath>
    <key>
      <xacmlAttribute AttributeId="pip.username"
        Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject"
        DataType="http://www.w3.org/2001/XMLSchema#string"/>
    </key>
  </mapping>
</configuration>

JSON configuration files offer the option to use either ALFA or XACML for policy definitions.

XACML
ALFA

xmlParser.config.json
{
  "identifier": "xml-parser",
  "source": {
    "xacmlAttribute": {
      "category": "urn:oasis:names:tc:xacml:1.0:subject-category:access-subject",
      "attributeId": "pip.payload",
      "datatype": "http://www.w3.org/2001/XMLSchema#string",
      "issuer": ""
    }
  },
  "mappings": [
    {
      "xacmlAttribute": {
        "category": "urn:oasis:names:tc:xacml:1.0:subject-category:access-subject",
        "attributeId": "pip.role",
        "datatype": "http://www.w3.org/2001/XMLSchema#string",
        "issuer": ""
      },
      "xPath": "/users/##1##/role/text()",
      "keys": [
        {
          "xacmlAttribute": {
            "category": "urn:oasis:names:tc:xacml:1.0:subject-category:access-subject",
            "attributeId": "pip.username",
            "datatype": "http://www.w3.org/2001/XMLSchema#string",
            "issuer": ""
          }
        }
      ]
    }
  ]
}

xmlParser.config.alfa.json
{
  "identifier": "xml-parser",
  "source": {
    "attributeName": "pip.payload"
  },
  "mappings": [
    {
      "attributeName": "pip.role",
      "xPath": "/users/##1##/role/text()",
      "keys": [
        {
          "attributeName": "pip.username"
        }
      ]
    }
  ]
}

YAML configuration files offer the option to use either ALFA or XACML for policy definitions.

XACML
ALFA

xmlParser.config.yaml
identifier: xml-parser
source:
  xacmlAttribute:
    category: "urn:oasis:names:tc:xacml:1.0:subject-category:access-subject"
    attributeId: "pip.payload"
    datatype: "http://www.w3.org/2001/XMLSchema#string"
    issuer: ""
mappings:
  - xacmlAttribute:
      category: "urn:oasis:names:tc:xacml:1.0:subject-category:access-subject"
      attributeId: "pip.role"
      datatype: "http://www.w3.org/2001/XMLSchema#string"
      issuer: ""
    xPath: "/users/##1##/role/text()"
    keys:
      - xacmlAttribute:
          category: "urn:oasis:names:tc:xacml:1.0:subject-category:access-subject"
          attributeId: "pip.username"
          datatype: "http://www.w3.org/2001/XMLSchema#string"
          issuer: ""

xmlParser.config.alfa.yaml
identifier: xml-parser
source:
  attributeName: "pip.payload"
mappings:
  - attributeName: "pip.role"
    xPath: "/users/##1##/role/text()"
    keys:
      - attributeName: "pip.username"