Previous Topic: Change a Boolean Operator in an Expression

Next Topic: User Attribute Mapping

Apply Named Expressions

This use case represents a scenario in which a retail clothing company wants to define a role that prevents customers from making Web-based credit purchases if they have met or exceeded their credit limit. The company policy dictates that customers have a $1,000 credit limit, while company employees have a $2,000 credit limit.

In this use case, the SiteMinder environment contains two user directories:

The following details how you can use attribute mapping, virtual user attributes, and user classes to satisfy the company's credit policy.

  1. Create user attribute mappings and a universal schema or common name that identifies customers for each user directory:
    1. Create a group name attribute mapping for Directory A (employees):
      • Name the mapping IsCustomer.
      • Define IsCustomer as cn=Customers,ou=Groups,o=acme.com.
    2. Create a constant attribute mapping for Directory B (customers):
      • Name the mapping IsCustomer.
      • Define IsCustomer as TRUE.

      Note: IsCustomer is a common name that maps to the same user information in Directories A and B. To access this information, you can use IsCustomer in an expression.

  2. Create constant attribute mappings and a universal schema or common name that identifies the company's credit limit for each user directory:
    1. Create a constant attribute mapping for Directory A (employees):
      • Name the mapping CreditLimit.
      • Define CreditLimit as 2000.
    2. Create a constant attribute mapping for Directory B (customers):
      • Name the mapping CreditLimit.
      • Define CreditLimit as 1000.

      Note: CreditLimit is a common name that maps to the same user information in Directories A and B. To access this information, you can use CreditLimit in an expression.

  3. Assume that #CreditBalance is a virtual user attribute that retrieves the user's credit balance from the accounting database.
  4. Create a user class that returns a TRUE value if a customer's credit balance is under the credit limit:
  5. Create an EPM Role that lets customers make Web-based purchases if their credit balance is less than their credit limit:

Note: For more information about EPM Roles, see Enterprise Policy Management.

More information:

Attributes and Expressions Reference


Copyright © 2010 CA. All rights reserved. Email CA about this topic