A condition specifies additional constraints that must be satisfied for a policy be applicable. For example, you can define a condition to limit a user’s network access to a specific time period. The condition might state that the subject can access the network only between 7:00 in the morning and 10:00 at night. You can implement custom conditions using the Policy APIs. Access Manager provides the following conditions:
The policy applies if the user's authentication level is greater than or equal to the Authentication level set in the condition. The Authentication Level attribute indicates the level of trust for authentication.
Policy is applicable based on which authentication scheme is specified.
Policy is applicable based on a range of IP Addresses.
Policy is applicable if the user's authentication level is less than or equal to the Authentication level set in the condition.
Policy is applicable based on user session data such as Max Session Time.
Policy is applicable based on values of properties set in the user's Access Manager session.
Policy is applicable based on time constraints.