Previous Topic: Web Service VariablesNext Topic: Key and Certificate Management


Create a Variable

You create a variable to make it available for use in policies or responses. Variables are domain objects. You create them within a specific policy domain, or import them into a domain using the smobjimport tool.

More information about importing objects into policy domains exists in the Policy Server Administration guide.

More information:

Domains

Create a Static Variable

You can create a static variable to make it available for use in policies or responses.

Note: The value of the resolved variable must not be greater than 1K.

To create a variable

  1. Click Policies, Domain.
  2. Click Variables.

    The Variables page appears.

  3. Click Create Variable.

    Verify that the Create a new object of type Variable option is selected.

  4. Click OK.

    The Create Variable :Select Domain page appears.

  5. Select a domain from the list and click Next.

    The Create Variable: Define Variable page appears.

  6. Type the variable name in the Name field.
  7. Select Static from the Variable Type list.

    Static variable settings open.

    Note: Click Help for descriptions of settings and controls, including their respective requirements and limits.

  8. Specify the data type and value of the variable in Variable Information.
  9. Click Submit.

    The variable appears in the Variables tab of the domain. The variable can now be used in policy expressions or responses.

Create a Request Context Variable

You can create a request context variable to make it available for use in policies or responses.

Note: The value of the resolved variable must not be greater than 1K.

To create a variable

  1. Click Policies, Domain.
  2. Click Variables.

    The Variables page appears.

  3. Click Create Variable.

    Verify that the Create a new object of type Variable option is selected.

  4. Click OK.

    The Create Variable :Select Domain page appears.

  5. Select a domain from the list and click Next.

    The Create Variable: Define Variable page appears.

  6. Type the variable name in the Name field.

    Note: Request Context variable names must begin with the percent character (%).

    Example: %REQUEST_ACTION

  7. Select Request Context from the Variable Type list.

    Request context settings open.

  8. Select the variable value from the Property list.
  9. Click OK.

    The variable appears in the Variables tab of the domain. The variable can now be used in policy expressions or responses.

Create a User Context Variable

You create a user context variable to make it available for use in policies or responses.

Note: The value of the resolved variable must not be greater than 1K.

To create a variable

  1. Click Policies, Domain.
  2. Click Variables.

    The Variables page appears.

  3. Click Create Variable.

    Verify that the Create a new object of type Variable option is selected.

  4. Click OK.

    The Create Variable :Select Domain page appears.

  5. Select a domain from the list and click Next.

    The Create Variable: Define Variable page appears.

  6. Type the variable name in the Name field.

    Note: User Context variable names must begin with the percent character (%).

    Example: %SM_USERPATH

  7. Select User Context from the Variable Type list.

    User context settings open.

  8. Select the portion of the user context that provides the value of the variable from the Item list.
  9. (Required for Session Variable) Specify the type of data represented by the variable (Boolean, Number, String, or Date) in the Return Type field.

    For other Item list selections, the Return Type value is preset as String or Boolean as appropriate and not user-configurable.

  10. (Required for User Property, Directory Entry, and Session Variable) Enter the name of the directory or user attribute that provides the variable value in the Property field.
  11. (Required for User Property, Directory Entry, and Session Variable) Enter the size of the buffer (in bytes) that is to store the variable in the Buffer field.
  12. (Required for Directory Entry) Enter the distinguished name of the directory entry in the DN field.
  13. Click Submit.

    The variable appears in the Variables tab of the domain. The variable can now be used in policy expressions or responses.

Configure Support for Multiple Value User Attribute Results When Processing User Context Variables

By default, user context variables that are configured to obtain the value of a specified user property in the directory only support single value user attributes.

You can configure the Policy Server to support multiple value user attribute results when processing user context variables.

Follow these steps:

  1. Stop the Policy Server.
  2. Open the following file in a text editor:

    ps_install_dir\config\properties\scriptActiveExpConfig.properties

  3. Add a new line containing the following entry anywhere in the file:
    ALLOW_MULTIVALUSERATTR=1
    
  4. Save the file and exit the text editor.
  5. Start the Policy Server
Create a Form Post Variable

You can create a Form Post variable to make it available for use in policies.

Note: The value of the resolved variable must not be greater than 1K.

To create a variable

  1. Open the domain to which to you want to add a variable.
  2. Click the Variables tab.

    A table lists the variables associated with the domain.

  3. Click Create Variable.

    The Create Variable screen appears.

  4. Verify that Create a new object is selected, and click OK.

    Variable settings open.

  5. Type the variable name in the Name field.
  6. Select Post from the Variable Type list.

    Form post settings open.

  7. Enter the name of the POST variable contained in the form in the Form Field Name field.
  8. Click OK.

    The variable appears in the Variables tab of the domain. The variable can now be used in policy expressions.

Create a Web Services Variable

You create a Web Services variable to make it available for use in policies or responses.

Note: The value of the resolved variable must not be greater than 1K.

To create a variable

  1. Click Policies, Domain.
  2. Click Variables.

    The Variables page appears.

  3. Click Create Variable.

    Verify that the Create a new object of type Variable option is selected.

  4. Click OK.

    The Create Variable :Select Domain page appears.

  5. Select a domain from the list and click Next.

    The Create Variable: Define Variable page appears.

  6. Type the variable name in the Name field.
  7. Select Web Service from the Variable Type list.

    Web Service settings appear.

  8. Select the data type from the Return Type list.
  9. Type the Web Service URL in the URL field.
  10. Type the XPath query in the XPath field.

    Note: The Policy Server uses this query to extract the value of the Web Service variable from the SOAP document returned by the Web Service.

  11. (Optional) Select the Require Credentials option in Web Service Credentials and specify the user name and password that the Policy Server is to use when connecting to the Web Service.
  12. (Optional) Click the following button in the SOAP Document section to add existing variables to the SOAP message:

    Variable

  13. (Optional) Click Add in HTTP Headers to associate an HTTP header with the Web Service variable.
  14. Click Finish.

    The variable appears on the Variables tab of the domain and can now be used in policy expressions or responses.