...
For simple Authentication Method attribute renaming, an Authorization Policy can be used. Authorization Policies determine which user attributes are passed to Web AgentsApplications. It is also possible to rename method attributes using the method tag, as described in Site Methods.
The attribute mappings screen (Home, Attribute Mappings) presents a list of method attribute mapping tables.
Figure 2: Attribute Mappings list |
- New Mapping
Create a new method attribute mapping table - Delete Mapping
Delete selected method attribute mapping tables - Method attribute mapping table
Method attribute mapping table configuration view may be opened by clicking the name of method attribute mapping table in the list.
Main View
Figure 3: Attribute Mappings main view |
- Name
Name of the method attribute mapping table - Description
Description of the method attribute mapping table - Update
Update the modified description - New
Create a new method attribute mapping table - Delete
Delete the method attribute mapping table - Rename
Rename the method attribute mapping table
Attributes View
Figure 4: Attribute Mappings Attributes view |
...
- Attribute Mapping Entry
Click a method attribute mapping entry to edit values - Name
Name defines the name of an attribute to be set. - Value
Value may be a constant string, a method attribute enclosed in curly braces, or a combination. Method attribute names enclosed in curly braces are replaced with corresponding method attribute values. Final attribute value is a concatenation of constant strings and replaced method attribute values. Curly braces may also contain an operation defined by a prefix. Syntax and supported prefixes are described below.- Prefix-syntax
Entries may contain strings of following form: {prefix:value} Prefix defines the operation to be performed for value, which in turn may be a string, a method attribute, or an operation. If prefix is omitted, method is assumed as a default. - Supported prefixes
- method
Value refers to a method attribute. Entry is replaced with value of defined method attribute. If no prefix is defined, default is method. For example, {method:CUSTID} and {CUSTID} both refer to value of method attribute CUSTID. - uppercase
Value is transformed to upper case. For example, {uppercase:{CUSTNAME}} is replaced with value of method attribute CUSTNAME transformed to uppercase. - lowercase
Value is transformed to lower case. For example, {lowercase:{CUSTNAME}} is replaced with value of method attribute CUSTNAME transformed to lowercase. - vtj
Used only for Finnish identity number conversion. Value must be satuhetu. Entry is replaced with a result of a satu-hetu query. The utilized authentication method must be assigned with a satu-hetu-configuration and must have resolved the user's certificate. Please refer to Ubisecure Certificate or ETSI MSSP Authentication method documentation for more information about configuring soso. For example, {vtj:satuhetu} is replaced with result of satu-hetu query.
- method
- Prefix-syntax
- Precondition (optional)
Precondition may be defined for setting an attribute. Precondition syntax follows the LDAP search filter syntax. Please refer to RFC 2254 (http://www.rfc-editor.org/rfc/rfc2254.txt) for a specification of the LDAP search filter syntax.
Supported logical connectors include AND (&), OR (|), and NOT (!). Equality (=) symbol is the only supported matching operator. The value may be a constant string or an asterisk (*) symbol. Asterisk represents all non-empty values. Attribute names and values are case-sensitive, and must not contain any of the following characters: "&", "|", "!", "=", "(", and ")". Please refer to the authentication methods documentation for information about the attributes set by specific methods.
Example: CUSTTYPE=01 represents a simplest possible precondition. It consists of a single method attribute name CUSTTYPE, an equality operator, and a value 01. Precondition evaluates successfully if the value of method attribute CUSTTYPE is exactly 01. More complex preconditions may be constructed with logical operators. For example, precondition (|(CUSTTYPE=01)(CUSTTYPE=02)) evaluates successfully if the value of method attribute CUSTTYPE is either 01 or 02. - Add
Create a new attribute mapping entry - Remove
Remove selected attribute mapping entries
Methods View
Figure 5: Attribute Mappings Methods view |
...