Sun Java System Access Manager 7.1 Federation and SAML Administration Guide

ProcedureTo Configure Discovery Service Policy Definitions

  1. In the Access Manager Console, click the Access Control tab.

  2. Select the name of the realm in which the policy definitions will be configured.

  3. Select Policies to access policy configurations.

  4. Click New Policy to add a new policy definition.

  5. Type a name for the policy.

  6. (Optional) Enter a description for the policy.

  7. (Optional) Select the check box next to Active.

  8. Click New to add rules to the policy definition.

  9. Select Discovery Service for the rule type and click Next.

  10. Type a name for the rule.

  11. Type a resource on which the rule acts.

    The Resource Name field uses the form ServiceType + RESOURCE_SEPARATOR + ProviderID. For example, urn:liberty:id-sis-pp:2003-08;http://example.com.

  12. Select an action and appropriate value for the rule.

    Discovery Service policies can only look up or update data.

  13. Click Finish to configure the rule.

    The com.sun.identity.liberty.ws.interfaces.Authorizer interface can be implemented by any web service in Access Manager. For more information, see Common Service Interfaces and the Java API Reference in /AccessManager-base/SUNWam/docs or on docs.sun.com.

  14. Click New to add subjects to the policy definition.

  15. Select the subject type and click Next.

  16. Type a name for the group of subjects.

  17. (Optional) Click the check box if this is an exclusive group.

  18. Select the users and click to add them to the group.

  19. Click Finish to return to the policy definition screen.

  20. Click New to add conditions to the policy definition.

  21. Select the condition type and click Next.

  22. Type values for the displayed attributes.

    For more information, see the Sun Java System Access Manager 7.1 Administration Guide.

  23. Click Finish to return to the policy definition screen.

  24. Click New to add response providers to the policy definition.

  25. Type a name for the response provider.

  26. (Optional) Add values for the StaticAttribute.

  27. (Optional) Add values for the DynamicAttribute.

  28. Click Finish to return to the policy definition screen.

  29. Click Create to finish the policy configuration.