Validation Rule Sets

With directory-level validation, one or more validation rules are assigned to a rule set, and the rule set is associated with a managed object attribute.
cim1265
With directory-level validation, one or more validation rules are assigned to a rule set, and the rule set is associated with a managed object attribute.
Rule sets let you define and apply rules in a granular way, such as in the following examples:
  • A rule can be used in different rule sets
  • Rules can be executed in different combinations
When a rule in a rule set fails (for example, a Java or JavaScript rule returns False), any exception messages associated with the rule are presented to the user. All validation rules associated with the attribute must be satisfied before the attribute is considered validated.
Order of Execution
Rules are executed in the order in which they are listed in the rule set.
Identity Manager
executes each rule in a rule set separately, and transparently continues to each subsequent rule in the rule set unless a rule fails.
Because validation rules are executed in a predictable order, you can implement rules whose actions are dependent upon the outcome of previous rules, as in the following examples:
  • One rule’s output can become input to the next rule.
  • When a field value is changed during validation, the new value can be evaluated in subsequent rules.
Basics of Validation Rule Definition
Perform the following basic operations when defining custom validation rules:
  • Implement a validation rule
    . Implement a validation rule in any of the following ways:
    • Regular expression
    • JavaScript
    • Java class
  • Integrate a validation rule with
    Identity Manager
    through a task screen or directory.xml
    . Do so either inline (directly in the task screen or directory.xml file) or by reference (referencing a JavaScript source file or compiled Java class file), as shown in the following table:
 
Inline
By Reference
Regular Expression
directory.xml or task screen
--
JavaScript
directory.xml or task screen
Source file referenced in directory.xml
Java
--
Class file referenced in directory.xml or task screen
  • Associate one or more validation rules with a task screen field
    . Do so in either or both of the following ways:
    • With task-level validation, you assign a validation rule directly to a field on a particular task screen.
      Task-level validation has task-specific scope -- that is, it can be used only in the context of the particular task screen where it is assigned.
    • With directory-level validation, you map a rule set to a managed object attribute in directory.xml. Any task screen field that is configured with the attribute is validated against the rules in the rule set.
      Directory-level validation has global scope. This means that directory-level validation can be used on any field configured with the managed object attribute, regardless of the task screen that contains the field, and regardless of the
      Identity Manager
      environment that includes the task screen.