Programming Guides › Programming Guide for Perl › CLI Policy Management Methods › Session Methods › CreateAuthAzMap Method—Creates Directory Mapping Object

CreateAuthAzMap Method—Creates Directory Mapping Object

The CreateAuthAzMap method creates an authentication and authorization directory mapping object.

Syntax

The CreateAuthAzMap method has the following format:

Netegrity::PolicyMgtSession‑>CreateAuthAzMap(authDir, azDir, mapType)

Parameters

The CreateAuthAzMap method accepts the following parameters:

authDir (PolicyMgtUserDir object)

Specifies the user directory to use when authenticating the user.

azDir (PolicyMgtUserDir object)

Specifies the user directory to use when authorizing the user.

mapType (int)

Specifies the type of directory mapping.

• AUTHAZMAPTYPE_DN (value = 1)

  Specifies mapping based on a DN.

• AUTHAZMAPTYPE_UNIVERSALID (value = 2)

  Specifies mapping based on a universal identifier.

• AUTHAZMAPTYPE_ATTR (value = 3)

  Specifies mapping based on an attribute in the user directory.

Return Value

The CreateAuthAzMap method returns one of the following values:

• PolicyMgtAuthAzMap (object)
• undef if the call is unsuccessful

Remarks

SiteMinder uses the same user directory to authenticate and authorize users. In addition, SiteMinder allows you to specify one user directory for authentication and another user directory for authorization. This feature is called directory mapping. Directory mapping is especially useful, when authentication information is stored in a central directory, but authorization information is stored in multiple directories, each one associated with a particular application.