Require Remote Domain Identity Assertion

The Require Remote Domain Identity assertion enables the Windows Domain Injection feature in the CA API Gateway - XML VPN Client.
gateway90
The
Require Remote Domain Identity
assertion enables the Windows Domain Injection feature in the CA API Gateway - XML VPN Client.
  • When the CA API Gateway - XML VPN Client executes this assertion, it will deduce the user name, domain name, and client program name from the operating system and then insert them into the message header. On the CA API Gateway - XML VPN Client, this assertion always succeeds.
  • When the Gateway executes this assertion, it will examine the headers provided by the CA API Gateway - XML VPN Client and then create the corresponding context variables. On the Gateway, this assertion succeeds only if the context variables are set successfully.
For more information, see
Configuring Windows Domain Injection
in the CA API Gateway - XML VPN Client documentation.
If identity injection has been disabled on the CA API Gateway - XML VPN Client, adding this assertion to a policy will have no effect. Conversely, if identity injection has been enabled full time, it will occur even if this assertion is not used.
Context Variables Created by This Assertion
The Require Remote Domain Identity assertion sets the following context variables. The default
<prefix>
is "injected" and can be changed in the assertion properties.
Variable
Description
<prefix>
.user
Contains the user name from the message header.
<prefix>
.domain
Contains the domain name from message header.
<prefix>
.program
Contains the client program name from the message header.
Using the Assertion
  1. Do one of the following:
    • To add the assertion to the Policy Development window, see Adding an Assertion.
    • To change the configuration of an existing assertion, proceed to step 2 below.
  2. Right-click
    Require Remote Domain Identity
    in the policy window and select
    Remote Domain Identity Properties
    or double-click the assertion in the policy window. The assertion properties are displayed. 
  3.  Enter a prefix that will be added to the context variables created by this assertion. This prefix will ensure uniqueness and will prevent the variables from overwriting each other when multiple instances of this assertion appear in a policy.
  4. Click [
    OK
    ] when done.