|
|
|
The Users tab is where you specify the users and groups that can be granted access to resources at the Resource Partner. The Assertion Generator at the Account Partner can generate assertions for these users for authentication purposes.
You can only add users and groups from directories that are included in the affiliate domain in which the Resource Partner exists.
In this dialog, you will find the following fields and controls:
Opens the Users/Groups dialog, where you can add and remove users and groups to the Current Members list box.
Lists the users and groups that are included or excluded by the policy that governs assertion production for a particular user directory. The list box contains one tab for each user directory in the affiliate domain.
Lets you configure a policy with an OR or AND relationship between the users or groups of users to instruct the Policy Server when to fire the rules included in a policy. For example, you could define the following group relationship in a policy:
Authorize if Member of (Accounting AND Marketing AND Collections) OR (Legal AND Finance AND Support) OR (Shipping)
In this example, the Policy Server would only fire the policy when the user is a member of all the groups in the AND relationship or a member of the groups in the OR relationship.
| Copyright © 2011 CA. All rights reserved. | Email CA Technologies about this topic |