Previous Topic: VariablesNext Topic: Variables Overview


eTelligent Rules

You can use eTelligent Rules to define variables that enable fine-grained access-control criteria known as policy expressions.

Policy expressions are implemented as policy attributes. They include operators and customer-defined variables that are evaluated at runtime, when a user actually needs to access a protected resource on a Web site.

Variables can store local information that is within the enterprise or remote information that is provided by various Web Services.

The variables provided by eTelligent Rules are available in the Administrative UI. You can define variable objects and incorporate them into policy logic through policy expressions. You can also include variables in CA SiteMinder® response objects.

CA SiteMinder® eTelligent Rules Benefits
eTelligent Rules Configuration

The tasks require to configure eTelligent Rules are as follows:

More information:

Policies

Variables Overview

eTelligent Rules Properties Files

eTelligent Rules Properties Files

The following properties files are for eTelligent Rules:

More information:

JVMOptions.txt File

Modify the LoggerConfig.properties File

JVMOptions.txt File

The JVMOptions.txt file contains the settings that the Policy Server uses when creating the Java Virtual Machine that is used to support eTelligent Rules.

If you encounter errors related to missing classes, you may need to modify the classpath directive in the JVMOptions.txt file. For complete information about the settings contained in the JVMOptions.txt file, see your Java documentation.

Modify the LoggerConfig.properties File

On the Policy Server, the LoggerConfig.properties file allows you to specify logging features that are used when you start the SiteMinder service from a command line. The properties contained in this file are not used when the service is started from the Policy Server Management Console. The settings in this file are generally only used for debugging purposes.

You may want to modify this file to obtain more output for debugging purposes.

The following shows an example of a LoggerConfig.properties file.

// LoggingOn can be Y, N
LoggingOn=Y

// LogLevel can be one of LOG_LEVEL_NONE, LOG_LEVEL_ERROR,
LOG_LEVEL_INFO, LOG_LEVEL_TRACE
LogLevel=LOG_LEVEL_TRACE

// If LogFileName is set Log output will go to the file named
LogFileName=affwebserv.log

// AppendLog can be Y, N.  Y means append output to LogFileName if
specified
AppendLog=Y

// AlwaysWriteToSystemStreams can be Y, N.  
// Y means log messages are written to System.out
// or System.err regardless of what the logger streams are
// set to.  If the logger streams are set to System.out
// or System.err log messages will be written multiple times.
// This facilitates logging messages to System.out/System.err
// and a file simultaneously.
AlwaysWriteToSystemStreams=N

// DateFormatPattern can be any valid input to java.text.DateFormat
constructor.
// See the Java documentation for java.text.DateFormat for details
// If not specified, the default format for the default locale is used
DateFormatPattern=MMMM d, yyyy h:mm:ss.S a

The settings in this file are:

LoggingOn

Enables or disables logging. Set this parameter to Y to enable logging. Set this parameter to N to disable logging.

LogLevel

Indicates the level of detail contained in logs. The LogLevel can be one of the following:

LOG_LEVEL_NONE

No messages will be logged.

LOG_LEVEL_ERROR

Only records error messages.

LOG_LEVEL_INFO

Records error messages and warnings.

LOG_LEVEL_TRACE

Records error messages, warnings, and general processing information that may be useful for tracking problems.

LogFileName

If LogFileName is set, all log output will go to the file named in this parameter.

AppendLog

Indicates whether log information should be appended to an existing file at startup or a new file should be created at startup. Set this parameter to Y to append output to the file specified in the LogFileName parameter. Set this parameter to N if a new file should be created at startup.

AlwaysWriteToSystemStreams

Set this parameter to Y to log messages to System.out or System.err regardless of what the logger streams are set to. If the logger streams are set to System.out or System.err, log messages will be written multiple times. This facilitates logging messages to System.out/System.err and a file simultaneously.

DateFormatPattern

DateFormatPattern can be any valid input to java.text.DateFormat constructor. See the Java documentation for java.text.DateFormat for details.

If not specified, the default format for the default locale is used.