Mapping configuration
This is the second part of the configuration, where the attribute-specific configuration is managed.
| XML element or attribute | Description | Supported format |
|---|---|---|
xacmlAttribute | The XACML attribute to be fetched from this attribute source. | A valid XACML-format attribute contains XML attributes for AttributeId, Category, DataType, and Issuer. |
tableName | The database table name from which the target XACML attribute value is fetched. | Any valid JDBC database table specification. The exact format depends on the database used. |
columnName | The column name of the specified table from which the target XACML attribute value is fetched. | Any valid JDBC database column name. The exact format may depend on the database used. |
key | Other XACML attributes and their corresponding column names in the specified table that act as keys to the target attribute. | A valid XACML-format attribute contains XML attributes for AttributeId, Category, DataType, and Issuer. |
uId | An identifier used to distinguish otherwise identical mappings for the purpose of caching. | The element is required, but can contain an arbitrary value. |
isSingleValued | This indicates whether or not a lookup of the target attribute is expected to lead to one or several values as a result. This information does not affect the way the attribute connector retrieves attributes. It is only used in the context of supporting other capabilities of an attribute connector host. |
The attribute allowMultiple is deprecated and does not have any functionality. It remains in the XML configuration for reasons of compatibility.
The Table Attribute Connector ignores mappings with no keys. This is not consistent with general attribute connector behavior. Mappings with no keys are only used in the context of other tools.
The illustration shows an example of how the XML elements can be implemented. It is an extract from the sample XML-format configuration file supplied in the appendix XML Configuration.
<!-- mapping for allergy test -->
<cfg:mapping isSingleValued="false">
<cfg:xacmlAttribute AttributeId="food-group-name" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" DataType="http://www.w3.org/2001/XMLSchema#string" Issuer=""/>
<cfg:tableName>food-group-table</cfg:tableName>
<cfg:columnName>food-group-name</cfg:columnName>
<cfg:key allowMultiple="false">
<cfg:xacmlAttribute AttributeId="food-id" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" DataType="http://www.w3.org/2001/XMLSchema#string" Issuer=""/>
<cfg:columnName>food-id</cfg:columnName>
</cfg:key>
<cfg:uId>1</cfg:uId>
</cfg:mapping>
Mapping configuration example
Several key attributes can be specified for a given target attribute that is to be looked up with a composite key.
The isSingleValued element should be set to true if this attribute mapping is guaranteed to return only a single value, as opposed to a set of values. This setting is only important if the Table Attribute Connector is to be used as a Target Connector in a host that supports the ARQ SQL capability since it allows the ARQ SQL engine to make optimizations accordingly.
Key attribute
An attribute passed to the Table Attribute Finder in runtime as a key to lookup another attribute can either contain no key value (an empty set), a single key value, or multiple key values. In cases where
No key value is given - the Attribute Finder will return
empty setA single key value is given - the Attribute Finder runs the query and returns the retrieved data
Multiple key values are given - the Attribute Finder runs a single query where all the values of the key attributes are used
XACML to SQL mappings and conversions
The Table Attribute Connector performs the following XACML to SQL mappings and conversions:
Attributes of data type Integer are not converted
Attributes of other data types are converted to String
The final attribute values (Integer or String) are included in the IN CLAUSE of a parameterized select query
The parameterized query is assigned to a prepared_query variable which is created by the Prepared Statement class.
For the Integer case:
SELECT column_name FROM table WHERE key_attribute_column IN (1)
For all other cases:
SELECT column_name FROM table WHERE key_attribute_column IN ('12.4')