Sm_AgentApi_Attribute_t

This structure defines information about a response attribute.
casso127
This structure defines information about a response attribute.
Syntax
This structure has the following format:
typedef struct Sm_AgentApi_Attribute_s
{
   long 
nAttributeId
;
   long 
nAttributeTTL
;
   long 
nAttributeFlags
;
   char 
lpszAttributeOid
[SM_AGENTAPI_SIZE_OID];
   long 
nAttributeLen
;
   char* 
lpszAttributeValue
;
} Sm_AgentApi_Attribute_t;
Parameters
This structure has the following parameters:
  • nAttributeId
    ID of the response attribute.
  • nAttributeTTL
    The time-to-live value (in seconds) for the response attribute. The attribute remains in cache for the duration of the TTL value.
  • nAttributeFlags
    Response attribute flag. This flag is used in the following session store functions:
    • Sm_AgentApi_DelSessionVariables()
    • Sm_AgentApi_GetSessionVariables()
    • Sm_AgentApi_SetSessionVariables()
    See the ppRespAttributes parameter of these functions for more information.
  • lpszAttributeOid
    The response attribute object identifier.
  • nAttributeLen
    The length of the response attribute.
  • lpszAttributeValue
    The null-terminated attribute value of a response attribute.
Remarks
The following well-known authentication attributes are returned by Sm_AgentApi_Login() and referenced in the nAttributeId field of the Sm_AgentApi_Attribute_t structure:
  • SM_AGENTAPI_ATTR_AUTH_DIR_OID
    The Siteminder object id of the directory where the user was authenticated. This is the internal object id assigned to the
    CA Single Sign-On
    user directory.
  • SM_AGENTAPI_ATTR_AUTH_DIR_NAME
    The
    CA Single Sign-On
    "name" specification of the directory where the user was authenticated. This is the directory name specified in the
    CA Single Sign-On
    User Directory Dialog.
  • SM_AGENTAPI_ATTR_AUTH_DIR_SERVER
    The
    CA Single Sign-On
    "server" specification of the directory where the user was authenticated. This is the directory server specified in the
    CA Single Sign-On
    User Directory Dialog.
  • SM_AGENTAPI_ATTR_AUTH_DIR_NAMESPACE
    The
    CA Single Sign-On
    "namespace" specification of the directory where the user was authenticated. This is the directory namespace (LDAP:, ODBC:, WinNT:, AD:) as specified in the
    CA Single Sign-On
    User Directory Dialog.
  • SM_AGENTAPI_ATTR_USERMSG
    The text presented to the user as a result of authentication. Some authentication schemes supply challenge text or a reason why an authentication has failed. A value for this attribute can be provided through the
    lpszUserMsg
    parameter of SmAuthenticate().
  • SM_AGENTAPI_ATTR_USERDN
    The user’s distinguished name as recognized by
    CA Single Sign-On
    .
    This attribute is also used in single sign-on operations.
  • SM_AGENTAPI_ATTR_USERUNIVERSALID
    The user’s universal id, as set in the user directory.
  • SM_AGENTAPI_ATTR_IDENTITYSPEC
    The user’s identity ticket.
    CA Single Sign-On
    returns this if the user tracking feature has been enabled.
The following well-known attributes are used in single sign-on operations and referenced in the nAttributeId field of the Sm_AgentApi_Attribute_t structure:
  • SM_AGENTAPI_ATTR_USERDN
    The user’s distinguished name.
  • SM_AGENTAPI_ATTR_SESSIONSPEC
    The session specification returned from the login call.
  • SM_AGENTAPI_ATTR_SESSIONID
    The session ID returned from the login call.
  • SM_AGENTAPI_ATTR_USERNAME
    The user’s name.
  • SM_AGENTAPI_ATTR_CLIENTIP
    The IP address of the machine where the user initiated a request for a protected resource.
  • SM_AGENTAPI_ATTR_DEVICENAME
    The name of the agent that is decoding the token.
  • SM_AGENTAPI_ATTR_IDLESESSIONTIMEOUT
    Maximum idle time for a session.
  • SM_AGENTAPI_ATTR_MAXSESSIONTIMEOUT
    If the user does not refresh or re-login within the time-out period, the session ends.
  • SM_AGENTAPI_ATTR_STARTSESSIONTIME
    The time the session started after a successful login.
  • SM_AGENTAPI_ATTR_LASTSESSIONTIME
    The last time that the SMSESSION token in the cookie was updated (by an agent or by the Agent API using CreateSSOToken or DecryptSSOToken).
  • SM_AGENTAPI_ATTR_SSOZONE
    Specifies the designation of the SSO zone name, which you provide when you call the Sm_AgentApi_CreateSSOToken method. If you do not specify a zone name, the default is "SM." You can read this value in the in the attribute list returned by the Sm_AgentApi_DecodeSSOToken method.
The following well-known management attributes are returned by Sm_AgentApi_DoManagement() and referenced in the nAttributeId field of the Sm_AgentApi_Attribute_t structure:
  • SM_AGENTAPI_AFFILIATE_KEY_UPDATE
    Instructs the agent to update the name of the affiliate agent.
  • SM_AGENTAPI_AGENT_KEY_UPDATE_NEXT
    Instructs the agent to update its "next" Agent key. The value contains 24 bytes of binary data.
  • SM_AGENTAPI_AGENT_KEY_UPDATE_LAST
    Instructs the agent to update its "last" Agent key. The value contains 24 bytes of binary data.
  • SM_AGENTAPI_AGENT_KEY_UPDATE_CURRENT
    Instructs the agent to update its "current" Agent key. The value contains 24 bytes of binary data.
  • SM_AGENTAPI_AGENT_KEY_UPDATE_PERSISTENT
    Instructs the agent to update its static (persistent) Agent key. The value contains 24 bytes of binary data.
  • SM_AGENTAPI_CACHE_FLUSH_ALL
    Instructs the agent to flush all information in its caches.
  • SM_AGENTAPI_CACHE_FLUSH_ALL_USERS
    Instructs the agent to flush all user information stored in its caches.
  • SM_AGENTAPI_CACHE_FLUSH_THIS_USER
    Instructs the agent to flush all cache information pertaining to a given user. The value contains the following: <user dir oid> / <user dn>.
  • SM_AGENTAPI_CACHE_FLUSH_ALL_REALMS
    Instructs the agent to flush all resource information stored in its caches.
  • SM_AGENTAPI_CACHE_FLUSH_THIS_REALM
    Instructs the agent to flush all resource information pertaining to a given realm. The value is a realm OID.