Carries the evaluation results from the Policy Service.
am_policy_result_t unifies various components of a policy evaluation including information regarding the user attempting to perform an action on the resource, advice messages as recommended during policy evaluation, if any, and attribute response maps providing specific key/values as set in policy definition or user entries.
#include "am_policy.h" typedef struct am_policy_result { const char *remote_user; const char *remote_user_passwd; const char *remote_IP; am_map_t advice_map; am_map_t attr_profile_map; am_map_t attr_session_map; am_map_t attr_response_map; const char *advice_string; } am_policy_result_t;
Pointer to the user attempting access.
Pointer to the password for the remote user.
Pointer to the IP address of the resource the user is attempting to access.
Takes a value based on the am_map_t defined in the <am_map.h> header file that represents any advice messages that might have resulted from the policy evaluation.
For information on advices, see Chapter 4, Managing Policies, in Sun OpenSSO Enterprise 8.0 Administration Guide.
Takes a value based on the am_map_t (defined in the <am_map.h> header file) that represents one or more user profile attributes and a corresponding value. This member is enabled when the following two agent properties are configured:
com.sun.am.policy.agents.config.profile.attribute.fetch.mode takes a value of HTTP_HEADER or HTTP_COOKIE.
com.sun.am.policy.agents.config.profile.attribute.map takes a list of LDAP attributes and their mapped values in the format attribute_name|value.
Takes a value based on the am_map_t (defined in the <am_map.h> header file) that represents one or more session attributes and a corresponding value. This member is enabled when the following two agent properties are configured:
com.sun.am.policy.agents.config.session.attribute.fetch.mode takes a value of HTTP_HEADER or HTTP_COOKIE.
com.sun.am.policy.agents.config.session.attribute.map takes a list of session attributes and their mapped values in the format attribute_name|value.
Takes a value based on the am_map_t (defined in the <am_map.h> header file) that represents one or more response attributes and a corresponding value. This member is enabled when the following two agent properties are configured:
com.sun.am.policy.agents.config.response.attribute.fetch.mode takes a value of HTTP_HEADER or HTTP_COOKIE.
com.sun.am.policy.agents.config.response.attribute.map takes a list of response names and their mapped values in the format attribute_name|value.
Pointer to a string that defines a value for further authentication if dictated by the policy condition. If no condition is specified, the advice string will have an empty value.
Memory for am_policy_result_t is allocated by am_policy_evaluate() and freed by am_policy_result_destroy().