Sm_PolicyApi_Policy_t
Contents
sm1252sp1
Contents
Defines a
CA Single Sign-On
Policy object.Syntax
typedef struct Sm_PolicyApi_Policy_s{int iStructId;char pszOid[BFSIZE];char pszName[BFSIZE];/* Required */char pszDesc[BFSIZE];char pszActiveExpr[BFSIZE];bool bIsEnabled;/* Required */char pszDomainOid[BFSIZE];/* Required */long nStartTime;long nEndTime;unsigned char pszTimeGrid[TIMESIZE];Sm_PolicyApi_IPAddress_t *pIPAddress;struct Sm_PolicyApi_Policy_s* next;char pszVariableExpr[BFSIZE]Sm_PolicyApi_Oid_t* pVariableList;} Sm_PolicyApi_Policy_t;
Field | Description |
iStructId
| Policy data structure ID, defined in Sm_PolicyApi_Structs_t. |
pszOid
| The object identifier of the Policy object. |
pszName
| Name of the Policy. |
pszDesc
| Brief description of the Policy. |
pszActiveExpr
| Active expression associated with the policy. The expression is a string of variable definitions in the following format. The non-alphanumeric characters are required characters. For example:<@lib="LibName"func="FuncName" param="FuncParam"@> In the format example: LibName is the name of the shared library that supports the Active Policy. FuncName is the name of the actual function in the shared library that implements the Active Policy. FuncParam is an optional list of parameters to be passed to the function in the shared library. |
bIsEnabled
| Flag to enable or disable the policy. |
pszDomainOid
| The object identifier of the domain. Required for domain-specific policy; ignored for global policy. |
nStartTime
| The time when the time restriction becomes effective. This value is stored in standard time_t format. Set nStartTime to 0 to start the time restriction immediately. |
nEndTime
| The time when the time restriction expires. This value is stored in standard time_t format. Set nEndTime to 0 to end the time restriction immediately. |
pszTimeGrid
| An array containing time restrictions for an entire week. |
pIPAddress
| IP address that user must use in order to gain access to the resources governed by the Policy. |
next
| Pointer to the next Policy structure. |
pszVariableExpr
| Unique object identifier that corresponds to a variable type. |
pVariableList
| Linked list of variable OIDs used by this expression. |
Time Grid Array
The time grid array (used with the field
pszTimeGrid
) holds time restrictions for an entire week. The array contains a one-byte element for every hour of the day, starting with 12 AM. In every byte, the seven days of the week are represented, beginning with Sunday as the lowest order bit. Bits that are set enable the policy to fire. A zero bit prevents the policy from firing on that day during the associated hour.Examples:
- To disable policy firing for the hour 12-1 AM on Saturdays and Sundays, the hexadecimal value for the entire grid is:3E7F7F7F7F7F7F7F7F7F7F7F7F7F7F7F7F7F7F7F7F7F7F7F
- To fire the policy at all times, leave all bits set:7F7F7F7F7F7F7F7F7F7F7F7F7F7F7F7F7F7F7F7F7F7F7F7F
- To restrict the policy from being fired all day Thursday, turn off the Thursday bit in all the hour elements:6F6F6F6F6F6F6F6F6F6F6F6F6F6F6F6F6F6F6F6F6F6F6F6F
- To restrict the policy from being fired from 8 AM to 10AM on Tuesday, turn off the Tuesday bit in hours 8 AM and 9 AM:7F7F7F7F7F7F7F7F7C7C7F7F7F7F7F7F7F7F7F7F7F7F7F7F
- To fire between 8 AM and 8 PM on all days:00000000000000007F7F7F7F7F7F7F7F7F7F7F7F00000000