|
|
|
The data types and structures are used in the Directory API, but may also be used by other SiteMinder APIs.
Sm_Api_DisabledReason_t enumerates the reasons that a user account can be disabled.
The following Directory API functions use Sm_Api_DisabledReason_t:
When a user's account is enabled or disabled, the SiteMinder Policy Server calls SmDirSetUserDisabledState(). This call gives you the opportunity to set the disabled flag in your custom directory to one or more of the disabled reasons, as enumerated in Sm_Api_DisabledReason_t. If a user's account is disabled or enabled, SmDirGetUserDisabledState() returns the disabled reason(s). When implementing SmDirGetUserDisabledState(), return Sm_Api_Disabled_Enabled if your custom directory does not support a disabled flag.
Note: A user's account can be disabled for multiple reasons. For example, if the User must change password at next login checkbox is checked and the administrator then clicks Disable, the nDisabledReason holds both the Sm_Api_Disabled_PWMustChange bit and the Sm_Api_Disabled_AdminDisabled bit.
The disabled flag is a SiteMinder user attribute. In the SiteMinder Administrative UI, on the User Attributes tab of the User Directory Dialog box, enter the attribute name in the Disabled Flag field. In the sample, the attribute name is Disabled.
The structure Sm_Api_Context_t gives the function pointers for the SiteMinder logging utility, trace utility, and error utility.
Sm_Api_Reason_t enumerates the reasons for an access event, such as an authentication failure. When a user supplies credentials for authentication, the SiteMinder Policy Server, validating the username and DN, calls SmDirAuthenticateUser(). This call gives you the opportunity to return information about the access event.
| Copyright © 2010 CA. All rights reserved. | Email CA about this topic |