Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Published by Scroll Versions from space IDS and version 8.2

...

For simple Authentication Method attribute renaming, an Authorization Policy can be used. Authorization Policies determine which user attributes are passed to Web AgentsApplications. It is also possible to rename method attributes using the method tag, as described in Site Methods.

The attribute mappings screen (Home, Attribute Mappings) presents a list of method attribute mapping tables.

Image RemovedImage Added

Figure 2: Attribute Mappings list
  • New Mapping
    Create a new method attribute mapping table
  • Delete Mapping
    Delete selected method attribute mapping tables
  • Method attribute mapping table
    Method attribute mapping table configuration view may be opened by clicking the name of method attribute mapping table in the list.

Main View

Image RemovedImage Added

Figure 3: Attribute Mappings main view
  • Name 
    Name of the method attribute mapping table
  • Description 
    Description of the method attribute mapping table
  • Update
    Update the modified description
  • New
    Create a new method attribute mapping table
  • Delete
    Delete the method attribute mapping table
  • Rename
    Rename the method attribute mapping table

Attributes View

Image RemovedImage Added

Figure 4: Attribute Mappings Attributes view

...

  • Attribute Mapping Entry
    Click a method attribute mapping entry to edit values
  • Name
    Name defines the name of an attribute to be set.
  • Value
    Value may be a constant string, a method attribute enclosed in curly braces, or a combination. Method attribute names enclosed in curly braces are replaced with corresponding method attribute values. Final attribute value is a concatenation of constant strings and replaced method attribute values. Curly braces may also contain an operation defined by a prefix. Syntax and supported prefixes are described below.
    • Prefix-syntax
      Entries may contain strings of following form: {prefix:value} Prefix defines the operation to be performed for value, which in turn may be a string, a method attribute, or an operation. If prefix is omitted, method is assumed as a default.
    • Supported prefixes
      • method
        Value refers to a method attribute. Entry is replaced with value of defined method attribute. If no prefix is defined, default is method. For example, {method:CUSTID} and {CUSTID} both refer to value of method attribute CUSTID.
      • uppercase
        Value is transformed to upper case. For example, {uppercase:{CUSTNAME}} is replaced with value of method attribute CUSTNAME transformed to uppercase.
      • lowercase
        Value is transformed to lower case. For example, {lowercase:{CUSTNAME}} is replaced with value of method attribute CUSTNAME transformed to lowercase.
      • vtj
        Used only for Finnish identity number conversion. Value must be satuhetu. Entry is replaced with a result of a satu-hetu query. The utilized authentication method must be assigned with a satu-hetu-configuration and must have resolved the user's certificate. Please refer to Ubisecure Certificate or ETSI MSSP Authentication method documentation for more information about configuring soso. For example, {vtj:satuhetu} is replaced with result of satu-hetu query.
  • Precondition (optional)
    Precondition may be defined for setting an attribute. Precondition syntax follows the LDAP search filter syntax. Please refer to RFC 2254 (http://www.rfc-editor.org/rfc/rfc2254.txt) for a specification of the LDAP search filter syntax.
    Supported logical connectors include AND (&), OR (|), and NOT (!). Equality (=) symbol is the only supported matching operator. The value may be a constant string or an asterisk (*) symbol. Asterisk represents all non-empty values. Attribute names and values are case-sensitive, and must not contain any of the following characters: "&", "|", "!", "=", "(", and ")". Please refer to the authentication methods documentation for information about the attributes set by specific methods.
    Example: CUSTTYPE=01 represents a simplest possible precondition. It consists of a single method attribute name CUSTTYPE, an equality operator, and a value 01. Precondition evaluates successfully if the value of method attribute CUSTTYPE is exactly 01. More complex preconditions may be constructed with logical operators. For example, precondition (|(CUSTTYPE=01)(CUSTTYPE=02)) evaluates successfully if the value of method attribute CUSTTYPE is either 01 or 02.
  • Add
    Create a new attribute mapping entry
  • Remove
    Remove selected attribute mapping entries

Methods View

Image RemovedImage Added

Figure 5: Attribute Mappings Methods view

...