Sm_PolicyApi_ResponseAttr_t
Contents
casso10
Contents
Defines a
CA Single Sign-On
Response attribute object.Syntax
typedef struct Sm_PolicyApi_ResponseAttr_s{int iStructId;char pszOid[BFSIZE];char pszAgentTypeAttrOid [BFSIZE];/* Required */char pszValue[BFSIZE];int iTTL;/* Required */int iFlags;struct Sm_PolicyApi_ResponseAttr_s* next;char pszActiveExpr[BFSIZE];Sm_PolicyApi_Oid_t* pVariableList;} Sm_PolicyApi_ResponseAttr_t;
Field | Description |
iStructId
| Response Attribute data structure ID, defined in Sm_PolicyApi_Structs_t. |
pszOid
| The object identifier of the Response Attribute object. |
pszAgentTypeAttrOid
| The object identifier of the agent type attribute. |
pszValue
| A response attribute type, as described in Response Attribute Types. |
iTTL
| Amount of time (in seconds) that can elapse before the value of the response attribute is recalculated. |
iFlags
| Reserved. |
next
| Pointer to the next Response Attribute structure. |
pszActiveExpr | Active expression associated with the response attribute. For information, see the bullet "Active Response" in the section Response Attribute Types. |
pVariableList
| Linked list of variable OIDs used by the active expression. |
Response Attribute Types
The field
pszValue
contains one of the following response attribute types:The non-alphanumeric characters in the formats below are required characters.
- Static. A string that is part of aCA Single Sign-Onresponse. The string has the following format:variable-name=variable-valueIn the format example:
- variable-nameis the name for the name/value pair that this response attribute will return to the Web Agent.
- variable-valueis the static text that will be returned as the second half of the name/value pair.
- User Attribute. A string containing profile information from a user's entry in a user directory. The string has the following format:User-Attr-variable-name=<%userattr="user-attr-name"%>In the format example:
- User-Attr-variable-nameis the name for the name/value pair that this response attribute will return to the Web Agent.
- user-attr-nameis a user attribute that can be retrieved from an LDAP, WinNT, or ODBC user directory.
- DN Attribute. A string containing profile information from a directory object in an LDAP or ODBC user directory. The string has the following format:DN-Variable-Name=<#dn="DN-Spec" attr="DN-Attribute-Name"#>In the format example:
- DN-Variable-Nameis the name for the name/value pair that this response attribute will return to the Web Agent.
- DN-Specis the distinguished name of the user group from which you want to retrieve the user attribute.
- DN-Attribute-Nameis an attribute associated with an LDAP or ODBC directory object to which the user is related, such as a group or an organizational unit (OU).
- Active Response. An active expression associated with the Response Attribute. The expression is a string of variable definitions in the following format:Name=<@lib="LibName" func="FuncName" param="Param"@>In the format example:
- Nameis the name of the variable (with WebAgent-HTTP-Header-Variable response attributes) or cookie (with WebAgent-HTTP-Cookie-Variable response attributes) associated with the name/value pairs in the active expression.
- LibNameis the name of the shared library that supports the Active Response.
- FuncNameis the name of the actual function in the shared library that implements the Active Response.
- Paramis an optional list of parameters to be passed to the function in the shared library.
Note:For information about configuring active expressions in responses, rules, or policies, seePolicy Design.