Hierarchical attributes in XACML Policy
问题 We are using WSO2 Identity Server 5.1.0 . We have a location hierarchy like Plant1->Area1->unit1. Now if a user is having attribute for the Plant1, he should get access to unit1 as well (all children of the parent in a tree). Can we specify this in XACML? We have the hierarchy stored in DB. We can provide the list of hierarchical elements as a list of attributes also if so required. Problem explained in sample : A user bob has been given access to area2 as shown below : Plant1 |--Area1 |-