|
|
|
Variables allow you to include business logic in policies by capturing a wide range of dynamic data that can be built into policy expressions. When you define variable objects in the Administrative UI, you may use those variables in expressions in the Policy dialog on the Expression tab. You can build expressions that use multiple variable objects and boolean operators to capture very complex business logic in your policies.
For example, a policy may contain an expression that requires the value of a user’s account type and a credit score in order to allow access to an application. An expression can be defined in the policy so that only users whose account type is “gold”, and whose credit score is greater than a specific value may have access to a resource. This example requires two variables, which must be combined in an expression on the Expression tab of the Policy dialog.
Note: Variables can only be used in policy expressions when using traditional (policy domain-based) policy management. They are not available when using enterprise (application-based) policy management.
| Copyright © 2011 CA. All rights reserved. | Email CA Technologies about this topic |