Programming Guides › Programming Guide for Perl › CLI Policy Management Methods › Domain Methods › CreateRealm Method—Creates and Configures a Top-level Realm in the Domain

CreateRealm Method—Creates and Configures a Top-level Realm in the Domain

The CreateRealm method creates and configures a top-level realm in the domain.

Syntax

The CreateRealm method has the following format:

Netegrity::PolicyMgtDomain‑>CreateRealm(realmName, agent, authScheme [, realmDesc] [, resFilter] [, procAuthEvents] [, procAzEvents] [, protectAll] [, maxTimeout] [, idleTimeout] [, syncAudit] [, azUserDir] [, regScheme])

Parameters

The CreateRealm method accepts the following parameters:

realmName (string)

Specifies the name of the realm.

agent (PolicyMgtAgent)

Specifies the agent or agent group that protects the realm.

authScheme (PolicyMgtAuthScheme)

Specifies the authentication scheme to associate with the realm.

realmDesc (string)

(Optional) Specifies the realm description.

resFilter (string)

(Optional) Specifies the resource filter for the realm.

procAuthEvents (int)

(Optional) Specifies whether to process authentication events -- 1 to enable or 0 to disable. Default is enabled. Authentication event processing affects performance. If no rules in the realm are to be triggered by authentication events, set this flag to 0.

procAzEvents (int)

(Optional) Specifies whether to process authorization events -- 1 to enable or 0 to disable. Default is enabled. Authorization event processing affects performance. If no rules in the realm are to be triggered by authorization events, set this flag to 0.

protectAll (int)

(Optional) Specifies whether to activate default resource protection -- 1 to enable or 0 to disable. Default is enabled.

maxTimeout (int)

(Optional) Specifies the maximum time, in seconds, a user can access the realm before re-authentication is required. Default is 7200 (2 hours).

idleTimeout (int)

(Optional) Specifies the maximum time, in seconds, a user can remain inactive in the realm before re-authentication is required. Default is 3600 (1 hour).

syncAudit (int)

(Optional) Specifies lag for enabling synchronous auditing -- 1 to enable or 0 to disable. When this flag is enabled, SiteMinder logs Policy Server and agent actions before it allows access to resources. Default is disabled.

azUserDir (PolicyMgtUserDir)

(Optional) Specifies The directory where users in the realm will be authorized. Default is the default directory.

regScheme (type)

(Optional) Specifies the registration scheme used to register new users accessing resources in the realm.

Return Value

The CreateRealm method returns one of the following values:

• A PolicyMgtRealm object
• undef if the call was unsuccessful

Remarks

This method creates a realm that is configured for non-persistent sessions. To configure the realm for SiteMinder 5.0 persistent sessions, edit the realm in the Administrative UI.

Note: The Policy Management API only manipulates realms that are direct descendants of the object whose method has been called, as follows:

• For a realm under a domain, you can only manipulate the top-level realms in a domain object.
• For a realm under a realm, you can only manipulate realms that are directly under the parent realm.