Attributes for Customizing an Application

Federation Manager offers two ways of using attributes to customize target applications.

Attributes Added to Assertions at the Asserting Party

You can include attributes from a user store record in an assertion to identify a user for the purpose of customizing an application.

Attributes can be used by servlets, web applications, or other custom applications to display customized content or enable and disable other custom features. When used with web applications, attributes can implement fine-grained access control by limiting what a user can do at the target site. For example, you can send an attribute variable named Account Balance and set it to reflect the account holdings of the user at BankLtd.

Attributes take the form of name/value pairs. When the relying party receives the assertion, it takes the attribute values and makes them available to applications.

Attribute Mapping at the Relying Party

A set of assertion attributes received by the relying party can be mapped to a set of application attributes being delivered to the target application.

For example, FinancePro includes an assertion attribute CellNo=5555555555. At BankLtd, this attribute name is transformed to an application attribute Mobile=5555555555. The attribute name is converted but the value remains the same.

Multiple assertion attributes can also be transformed into a single application attribute. For example, FinancePro sends an assertion with the attributes Acct=Savings and Type=Retirement, which are transformed at BankLtd into FundType=Retirement Savings.
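
The two mappings described above (a rename and a many-to-one merge), as an added example that is not part of the product documentation or Federation Manager's own code. The rule table, the function names, the extra Internal attribute and the sample AttributeStatement are constructed for illustration, and the assertion is assumed to have been validated before its attributes are read.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Constructed sample: the AttributeStatement of an assertion from FinancePro.
# Assumes the assertion's signature and conditions were already validated.
SAMPLE_STATEMENT = """
<saml:AttributeStatement xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:Attribute Name="CellNo"><saml:AttributeValue>5555555555</saml:AttributeValue></saml:Attribute>
  <saml:Attribute Name="Acct"><saml:AttributeValue>Savings</saml:AttributeValue></saml:Attribute>
  <saml:Attribute Name="Type"><saml:AttributeValue>Retirement</saml:AttributeValue></saml:Attribute>
  <saml:Attribute Name="Internal"><saml:AttributeValue>x</saml:AttributeValue></saml:Attribute>
</saml:AttributeStatement>
"""

# Hypothetical rule table: application attribute -> (source attributes, template).
MAPPING_RULES = {
    "Mobile": (("CellNo",), "{CellNo}"),
    "FundType": (("Type", "Acct"), "{Type} {Acct}"),
}

def parse_attributes(statement_xml):
    """Return the assertion attributes as a name -> value dict."""
    root = ET.fromstring(statement_xml)
    attrs = {}
    for attr in root.findall("saml:Attribute", NS):
        name = attr.get("Name")
        values = [v.text or "" for v in attr.findall("saml:AttributeValue", NS)]
        if name in attrs or len(values) != 1:
            # Duplicate names or multi-valued attributes are ambiguous; reject them.
            raise ValueError(f"ambiguous attribute: {name}")
        attrs[name] = values[0].strip()
    return attrs

def map_attributes(assertion_attrs, rules=MAPPING_RULES):
    """Build application attributes; unmapped assertion attributes are dropped."""
    app_attrs = {}
    for target, (sources, template) in rules.items():
        missing = [s for s in sources if s not in assertion_attrs]
        if missing:
            raise KeyError(f"{target}: missing assertion attribute(s) {missing}")
        app_attrs[target] = template.format(**{s: assertion_attrs[s] for s in sources})
    return app_attrs

if __name__ == "__main__":
    print(map_attributes(parse_attributes(SAMPLE_STATEMENT)))
```

Only attributes named in the rule table reach the target application, so the unmapped Internal attribute in the sample is not passed through.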
