Policy Server GuidesPolicy Design GuideRules › Configure a Rule for Authorization Event Actions

Previous Topic: Configure a Rule for Authentication Event Actions

Next Topic: Policy Considerations When Configuring OnAccessReject Rules

Configure a Rule for Authorization Event Actions

Authorization events occur after a user is authenticated. Rules that include authorization events allow SiteMinder to call responses based on whether a user is or is not authorized for the resource the user requested. When the user has been granted or denied access based on their privileges, the appropriate event is triggered.

Note: In order to configure rules for authorization events, you must configure the realm in which the rule is to be created to process these events. To do this, ensure that the Process Authorization Events option in the Advanced tab of the SiteMinder Realm dialog is set.

Note: When you create or modify a Policy Server object in the Policy Server User Interface, use ASCII characters. Object creation or modification with non-ASCII characters is not supported.

To create a rule for authorization event actions

  1. Using the Policy Server User Interface, create a rule object.

    The Rule Dialog opens.

  2. Provide a Name and, optionally, a Description of the new rule.
  3. In the Realm and Resources group box, select the name of the realm from the Realm drop-down list box that includes the resources to which this rule will apply.
  4. In the Resource field, enter the resource that this rule will protect.

    Note: When you look at rules associated with a realm in the SiteMinder Administration window, the Resource column displays the resource specified in each rule. Green text indicates a resource filter inherited from a realm or group of nested realms.

  5. Mark the Perform Regular Expression Matching check box if you want the rule’s resource to use regular expressions.
  6. In the Action group box, select the Authorization Events radio button.

    Note: The Allow Access and Deny Access options are disabled as they are not applicable for these events.

  7. In the Action group box, select one or more of the following authorization events from the drop-down list:
  8. If you do not want the rule to be active, unset the Enabled check box.
  9. If required, set time restrictions and or active rule settings in the Advanced group box.
  10. Click Apply to save the rule, or click OK to save the rule and return to the SiteMinder Administration window.

More information:

Authorization Events

Configure a Realm

Rule Dialog

Regular Expressions for Resource Matching

Enable and Disable Global Rules

Advanced Rule Options