Policy Manager Interface
This topic describes the Policy Manager interface as seen by those with the Administrator role. Some elements may not be visible or editable if you have a more restrictive role. For more information, see .
This topic describes the Policy Manager interface as seen by those with the Administrator role. Some elements may not be visible or editable if you have a more restrictive role. For more information, see Manage Roles.
General Interface: Identity Providers & Home Page
General Interface: Assertions & Policy Tree
Main Tool Bar
The Main Tool Bar contains shortcuts to commonly used program features:
- Connect: Connects to a Gateway.
- Disconnect: Disconnects from a Gateway and logs you out.
- Refresh: Updates the policy development window by retrieving information from the Gateway again.
- Home: Displays the Home page. (To return to policy view, double-click the name of the service.)
- Preferences: Configures preferences for the standard version of the Policy Manager.
Assertions Tool Bar
The Assertions Tool Bar contains shortcut buttons used to add and organize assertions in the policy development window. Many of these actions are also available by right-clicking the assertion in the policy development window.
(1) All operations (except for the button) can be performed on more than one assertion at a time. To select multiple assertions, hold down the [Ctrl] or [Shift] key while selecting assertions in the policy. The [Shift] key selects blocks of assertions, while [Ctrl] key allows for discontiguous selection. (2) The Assertions Tool Bar is disabled if the policy was installed by a Solution Kit and is not intended to be edited.
Adds the selected assertion to the policy.
Alternative: Drag the assertion from the [Assertions] tab and drop it into the policy development window.
Expands and collapses the selected composite assertion(s) or included policy fragment assertion(s) in the policy development window. If no assertions are selected, then all assertions in the policy are expanded or collapsed.
These buttons are not active if you select a branch with nothing to expand or collapse (in other words, it does not show the or icon).
Alternative: Right-click the assertion and select
Moves the selected assertion(s) in the policy up or down one line.
Alternatives: (1) Drag and drop the assertion.(2) Right-click the assertion and select
Move Assertion Upor
Move Assertion Down.
Deletes the selected assertion(s) from the policy.
Alternative: Right-click the assertion and then select
Disables the selected assertion(s) in the policy.
Alternative: Right-click the assertion and then select
Policy Tool Bar
The Policy Tool Bar contains shortcuts to commonly used policy features:
- Save and Activate:Saves the policy or policy fragment in the policy development window and makes it the active revision. This button is available only if you have opened a non-active version for editing and changes have been made in the policy editor.
- Save:Saves the policy or policy fragment in the policy development window as a new revision but does not change the active version.To activate an inactive version, either use [Save and Activate] or the [Set Active] button in the Policy Revisions dialog.The [Save] and [Save and Activate] buttons are unavailable when your role permits Read but not Write access to policies (for example, the "Operator" role). They may also be unavailable for policies added by a Solution Kit (where the Solution Kit author has disallowed changes).To preserve policy changes in these instances, export the policy.
- Validate: Validates the policy.
- Export Policy: Exports the policy to a file.
- Import Policy: Imports a policy from a file.
- Show Comments/Hide Comments: Toggles the display of comments in the policy development window.
- Show Assertion Numbers/Hide Assertion Numbers: Toggles the display of line numbers next to each assertion in the policy development window.
- Show Inputs and Outputs/Hide Inputs and Outputs:Toggles the display of inputs and outputs for the currently displayed policy fragment (in the desktop client, use the option under the View menu).This button only has effect when the policy fragment displayed is currently serving as a backing policy for an encapsulated assertion. It has no effect when used with any other policies.
[Identity Providers] Tab
Contains the that have been set up in the Policy Manager. Right-click on a provider name to see the available actions.
Contains a categorized list of the policy assertions used to construct a policy for a service. Expand a category to see the assertions within it.
The Home Page is displayed upon startup or when [Home] is clicked on the Main Tool Bar. The Home Page contains shortcuts to commonly used wizards and dialogs.
Policy Search Bar
The Policy Search Bar in the policy development window helps you quickly locate an assertion based on text visible in the policy editor, or in the underlying XML code.
You can hide the Policy Search Bar by pressing the [Esc] key or by clicking the "x" in the upper right corner. Press [Ctrl]+F or select Edit > Find to re-enable the search bar.
The following table describes the controls in the Policy Search Bar:
Type the text in this search box. As you type, any assertions that contain the matching text are displayed.
Tip:If [Include Properties] is selected, the match may not be obvious: the match may occur in the underlying XML code for the assertion.
Click this to see a drop-down list showing the matching assertions again.
Click this button to jump to the next matching assertion. This is the same as selecting Find Next from the Edit menu (keyboard shortcut [F3]).
Click this button to jump to the previous matching assertion. This is the same as selecting Find Previous from the Edit menu (keyboard shortcut [Shift]+[F3]).
Select this check box to match the case of the search string.
Clear this check box to ignore case during searches. This setting is the default.
Select this check box to include disabled assertions in the searches. This setting is the default.
Clear this check box to show only active assertions.
Select this check box to include the assertion properties in the searches. This setting is the default.
Clear this check box to search only the assertion name.
Note: When including properties, the underlying XML code is also searched. This may result in unexpected matches.
Tip:To see the underlying XML code, copy the assertion and then paste the contents into a text editor. Note that only text viewable in the underlying XML is searchable.
Click this button to close the Policy Search Bar.
During the search, feedback messages similar to the following may appear:
These messages are for informational purposes only and will disappear when you click on them or perform another search task.
Policy Development Window
Used to view or edit a policy revision for the selected published service. Each policy or revision is displayed in a separate tab. The tab name indicates whether the revision is active or inactive.
Policy Validation Messages Window
This window displays confirmation, warning, and error messages about the policy. You can show/hide this window using the [View] > Policy Messages menu option. Unless you need the screen space for the policy development window, you should always have the validation window open. For more information, see Validate a Policy.
The Status Bar displays user, Gateway, and port information. This bar may be toggled on and off by using [View] > Status Bar.
The Policy Manager can alert you to important audit events that require your attention. These events could have occurred while you were logged off or while you are using the Policy Manager.
When an audit event occurs that meets a preset threshold, the following alert indicator will appear in the top right corner of the user interface:
Click this indicator to open the Audit Alerts dialog.
Tip:You can also access this dialog directly via:
Tasks > Logging and Auditing > Configure Audit Alert Options.
Your options are as follows:
Launches the Gateway Audit Events window, where you can see more information about the audit items.
When [View Audits] is clicked, the audit alert indicator will not appear again until there are new audits requiring your attention.
Acknowledges the alert and closes the dialog without displaying the Gateway Audit Events window.
Configure Audit Alert Options
Opens the Configure Audit Alerts dialog to allow you to configure the following settings:
To configure audit alerts when the Audit Alerts Waiting indicator is not present, select Configure Audit Alert Options from the Task menu.
Controls in dialog boxes are largely self explanatory. If a list or table is present in a dialog box, you can click the column heading to re-sort the column in ascending or descending order.