This chapter describes how to configure AquaLogic Ensemble user experiences. It is divided into the following sections:
An experience definition describes the following aspects of the user experience:
Ensemble employes a set of experience rules to determine which experience definition to associate with a user. Each experience rule evaulates to true if its set of conditions is satisfied. Experience rules are evaluated in order, and the first rule to evaluate to true determines the experience definition is associated with the user.
To configure an experience definition:
Caution: | Ensemble uses the authentication method set in the experience definition if it meets or exceeds the authentication level required by the resource being accessed. If the resource requires a greater authentication level, Ensemble uses the authentication method appropriate for that authentication level. |
The experience definition that Ensemble chooses depends on a set of experience rules that Ensemble evaluates in a specified order. You configure experience rules by first adding or editing rules in the Rule Library. You then set the precedence of rules in the Rule Order.
Rules are defined by one or more rule types. A rule type is a single condition that can be evaluated as true or false. You can configure the rule so that any or all of the rule types must evaluate to true for the rule to evaluate to true. The following table describes the available rule types:
You can add existing rules as rule types. This allows compound rules to be formed. For example, you might create a rule that evaluates to true if any of three users is accessing the resource from a secure connection. To do this, you create rule type that evaluates to true for any of the three users. You then add that rule type to a rule type where it and the Secure connection rule type must evaluate to true.
You can configure a rule to be published or not published. You are able to add a published rule to a policy. You are able use an unpublished rule only as as a rule type for other rules.
To publish a rule, from the rule's General page, select Is published. To unpublish the rule, clear the check box next to Is published.
Note: | If the rule is currently being used in the Rule Order, it cannot be unpublished. |
The Rule Order sub-tab associates experience rules with experience definitions and provides the order in which Ensemble evaluates the rules. When determining the experience definition, Ensemble first checks the first (lowest numbered) rule in the Rule Order. If the experience rule evaluates to true, Ensemble associates the experience definition with the user. If the experience rule evaluates to false, the next rule in the order is checked, and so on, until an experience rule evaluates to true and Ensemble can associate an experience definition with the user.
To change the order of rules, adjust the numbers in the Order column.
To create a new rule in the Rule Order:
The experience definition associated with a user determines, in part, the specifics of the user's login and logout experience. On the Log In Settings page of the experience definition configuration you can supply the login resource and login, logout, error, and other interstitial pages.
The login resource is a proxied application server used to host the various pages associated with the experience definition.
To create a login resource, create a resource and select Is Login resource on the General page.
For details on creating a resource, see Proxy Resources.
The following table describes the various pages that you can associate with an experience definition.
For details on customizing the login, logout, error, and other interstitial pages, see Custom Login Resources.
Caution: | Ensemble uses the login, logout, error, and interstitial page settings in the experience definition regardless of the final authenticator used to access the resource. Ensemble uses an authenticator other than the authenticator configured with the experience definition if the resource being access requires a higher authentication level. If the required authenticator uses a login page and there is no login page configured in the experience definition, the user is presented with a blank page and is unable to authenticate. |