In this use case, a retail clothing company wants to define a role preventing customers from making web-based credit purchases if they have exceeded their credit limit. The company policy dictates that customers have a $1,000 credit limit, while company employees may have a $2,000 credit limit.
You can create an application security policy using attribute mapping, named expressions (virtual user attributes and user classes) and roles to satisfy the company's credit policy.
Given:
group:cn=Customers,ou=Groups,o=acme.com
Solution:
Copyright © 2010 CA. All rights reserved. | Email CA about this topic |