Sun Identity Manager Deployment Reference


Use this option when two or more AdminRoles are assigned to a user. The value of this option should be the name of an organization. This value specifies that the returned names should consist only of names that are available to organizations that are controlled by an AdminRole. The AdminRole must control the scopingOrg organization and is assigned to the logged-in user.

This option is typically used to ensure that when a user is creating or editing another user, the member organization of the user being edited determines which names (for example, Resourcenames) are available for assignment.

Using the scopingOrg Parameter

Set this attribute under these conditions:

For example, under these circumstances:

the resources available for assigning to that user should be limited to the resources available to the organization(s) controlled by the Engineering AdminRole.

Implementing the scopingOrg Attribute

To implement the behavior described above, add the scopingOrg attribute to the waveset.resources field in the User form.

Reference the value of the current organization as follows:

<Field name=’waveset.resources’>
   <Display class=’MultiSelect’>
      <Property name=’title’ value=’_FM_PRIVATE_RESOURCES’/>
      <Property name=’availableTitle’
      <Property name=’selectedTitle’ value=’_FM_SELECTED_RESOURCES’/>
      <Property name=’allowedValues’>
         <invoke class=’com.waveset.ui.FormUtil’