Programming Guides › Programming Guide for Perl › CLI Policy Management Methods › Realm Methods › CreateChildRealm Method—Creates and Configures a Child Realm

CreateChildRealm Method—Creates and Configures a Child Realm

The CreateChildRealm method creates and configures a realm directly under the realm on which this method was called.

Syntax

The CreateChildRealm method has the following format:

Netegrity::PolicyMgtRealm‑>CreateChildRealm(realmName, agent, authScheme [, realmDesc] [, resFilter] [, procAuthEvents] [, procAzEvents] [, protectAll] [, maxTimeout] [, idleTimeout] [, syncAudit] [, azUserDir] [, regScheme])

Parameters

The CreateChildRealm method accepts the following parameters:

realmName (string)

Specifies the name of the realm.

agent (PolicyMgtAgent)

Specifies the agent or agent group for the realm.

authScheme (PolicyMgtAuthScheme)

Specifies the authentication scheme to associate with the realm.

realmDesc (string)

(Optional) Specifies the realm description.

resFilter (string)

(Optional) Specifies the resource filter for the realm.

procAuthEvents (int)

(Optional) Specifies a flag for processing authentication events: 1 to enable, or 0 to disable. The default is enabled.

procAzEvents (int)

(Optional) Specifies a flag for processing authorization events: 1 to enable, or 0 to disable. The default is enabled.

protectAll (int)

(Optional) Specifies a flag for activating default resource protection:1 to enable, or 0 to disable. The default is enabled.

maxTimeout (int)

(Optional) Specifies the maximum time, in seconds, a user can access the realm before re-authentication is required. The default is 7200 (2 hours).

idleTimeout (int)

(Optional) Specifies the maximum time a user can remain inactive in the realm before re-authentication is required. The default is 3600 (1 hour).

syncAudit (int)

(Optional) Specifies a flag for enabling synchronous auditing: 1 to enable, or 0 to disable. When this flag is enabled, SiteMinder logs Policy Server and agent actions before it allows access to resources. The default is enabled.

azUserDir (PolicyMgtUserDir)

(Optional) Specifies the directory where users in the realm will be authorized. The default is the default directory.

regScheme (PolicyMgtRegScheme)

(Optional) Specifies the registration scheme used to register new users accessing resources in the realm.

Return Value

The CreateChildRealm method returns one of the following values:

• A PolicyMgtRealm object
• undef if the call is unsuccessful

Remarks

This method creates a realm that is configured for non-persistent sessions. To configure the realm for SiteMinder 5.0 persistent sessions, edit the realm in the Administrative UI.

Note: The Policy Management API only manipulates realms that are direct descendants of the object whose method has been called, as follows:

• For a realm under a domain. You can only manipulate the top-level realms in a domain object.
• For a realm under a realm. You can only manipulate realms that are directly under the parent realm.