Previous Topic: Sm_AgentApi_AgentDiscovery_tNext Topic: Sm_AgentApi_Init_t


Sm_AgentApi_Attribute_t

This structure defines information about a response attribute.

Syntax

This structure has the following format:

typedef struct Sm_AgentApi_Attribute_s
{
   long nAttributeId;
   long nAttributeTTL;
   long nAttributeFlags;
   char lpszAttributeOid[SM_AGENTAPI_SIZE_OID];
   long nAttributeLen;
   char* lpszAttributeValue;
} Sm_AgentApi_Attribute_t;

Parameters

This structure has the following parameters:

nAttributeId

ID of the response attribute.

nAttributeTTL

The time-to-live value (in seconds) for the response attribute. The attribute remains in cache for the duration of the TTL value.

nAttributeFlags

Response attribute flag. This flag is used in the following session store functions:

See the ppRespAttributes parameter of these functions for more information.

lpszAttributeOid

The response attribute object identifier.

nAttributeLen

The length of the response attribute.

lpszAttributeValue

The null-terminated attribute value of a response attribute.

Remarks

The following well-known authentication attributes are returned by Sm_AgentApi_Login() and referenced in the nAttributeId field of the Sm_AgentApi_Attribute_t structure:

SM_AGENTAPI_ATTR_AUTH_DIR_OID

The Siteminder object id of the directory where the user was authenticated. This is the internal object id assigned to the SiteMinder user directory.

SM_AGENTAPI_ATTR_AUTH_DIR_NAME

The SiteMinder "name" specification of the directory where the user was authenticated. This is the directory name specified in the SiteMinder User Directory Dialog.

SM_AGENTAPI_ATTR_AUTH_DIR_SERVER

The SiteMinder "server" specification of the directory where the user was authenticated. This is the directory server specified in the SiteMinder User Directory Dialog.

SM_AGENTAPI_ATTR_AUTH_DIR_NAMESPACE

The SiteMinder "namespace" specification of the directory where the user was authenticated. This is the directory namespace (LDAP:, ODBC:, WinNT:, AD:) as specified in the SiteMinder User Directory Dialog.

SM_AGENTAPI_ATTR_USERMSG

The text presented to the user as a result of authentication. Some authentication schemes supply challenge text or a reason why an authentication has failed. A value for this attribute can be provided through the lpszUserMsg parameter of SmAuthenticate().

SM_AGENTAPI_ATTR_USERDN

The user’s distinguished name as recognized by SiteMinder.

This attribute is also used in single sign-on operations.

SM_AGENTAPI_ATTR_USERUNIVERSALID

The user’s universal id, as set in the user directory.

SM_AGENTAPI_ATTR_IDENTITYSPEC

The user’s identity ticket. SiteMinder returns this if the user tracking feature has been enabled.

The following well-known attributes are used in single sign-on operations and referenced in the nAttributeId field of the Sm_AgentApi_Attribute_t structure:

SM_AGENTAPI_ATTR_USERDN

The user’s distinguished name.

SM_AGENTAPI_ATTR_SESSIONSPEC

The session specification returned from the login call.

SM_AGENTAPI_ATTR_SESSIONID

The session ID returned from the login call.

SM_AGENTAPI_ATTR_USERNAME

The user’s name.

SM_AGENTAPI_ATTR_CLIENTIP

The IP address of the machine where the user initiated a request for a protected resource.

SM_AGENTAPI_ATTR_DEVICENAME

The name of the agent that is decoding the token.

SM_AGENTAPI_ATTR_InnnnnDLESESSIONTIMEOUT

Maximum idle time for a session.

SM_AGENTAPI_ATTR_STARTSESSIONTIME

The time the session started after a successful login.

SM_AGENTAPI_ATTR_LASTSESSIONTIME

The time that the Policy Server was last accessed within the session.

SM_AGENTAPI_ATTR_SSOZONE

Specifies the designation of the SSO zone name, which you provide when you call the Sm_AgentApi_CreateSSOToken method. If you do not specify a zone name, the default is "SM." You can read this value in the in the attribute list returned by the Sm_AgentApi_DecodeSSOToken method.

The following well-known management attributes are returned by Sm_AgentApi_DoManagement() and referenced in the nAttributeId field of the Sm_AgentApi_Attribute_t structure:

SM_AGENTAPI_AFFILIATE_KEY_UPDATE

Instructs the agent to update the name of the affiliate agent.

SM_AGENTAPI_AGENT_KEY_UPDATE_NEXT

Instructs the agent to update its "next" Agent key. The value contains 24 bytes of binary data.

SM_AGENTAPI_AGENT_KEY_UPDATE_LAST

Instructs the agent to update its "last" Agent key. The value contains 24 bytes of binary data.

SM_AGENTAPI_AGENT_KEY_UPDATE_CURRENT

Instructs the agent to update its "current" Agent key. The value contains 24 bytes of binary data.

SM_AGENTAPI_AGENT_KEY_UPDATE_ PERSISTENT

Instructs the agent to update its static (persistent) Agent key. The value contains 24 bytes of binary data.

SM_AGENTAPI_CACHE_FLUSH_ALL

Instructs the agent to flush all information in its caches.

SM_AGENTAPI_CACHE_FLUSH_ALL_USERS

Instructs the agent to flush all user information stored in its caches.

SM_AGENTAPI_CACHE_FLUSH_THIS_USER

Instructs the agent to flush all cache information pertaining to a given user. The value contains the following: <user dir oid> / <user dn>.

SM_AGENTAPI_CACHE_FLUSH_ALL_REALMS

Instructs the agent to flush all resource information stored in its caches.

SM_AGENTAPI_CACHE_FLUSH_THIS_REALM

Instructs the agent to flush all resource information pertaining to a given realm. The value is a realm OID.