Fetching Policy Response Attributes in J2EE Agents

To obtain user-specific information by fetching policy response attributes, assign a mode to the policy response attribute property and map the policy response attributes to be populated under specific names for the currently authenticated user. The following example first demonstrates how to assign the REQUEST_ATTRIBUTE mode for fetching policy response attributes and then demonstrates a way to map those attributes:

Example:

In OpenSSO Enterprise Console, Select the REQUEST_ATTRIBUTE mode option of the Response Attribute Fetch Mode property (Tab: Application, Name: com.sun.identity.agents.config.response.attribute.fetch.mode).

Then, map response attributes using the property labeled Response Attribute Mapping (Tab: Application, Name: com.sun.identity.agents.config.response.attribute.mapping), such as illustrated in the following example:

Map Key

cn

Corresponding Map Value

COMMON_NAME

Map Key

mail

Corresponding Map Value

CUSTOM-EMAIL_ADDR

When you are done setting the Profile Attribute Mapping property as described in this example, it appears in OpenSSO Enterprise Console with the following format:

[cn]=COMMON_NAME
[mail]=CUSTOM-EMAIL_ADDR

With this property, you can specify any number of attributes that are required by the protected application. For the preceding example, the application requires the attributes cn and mail and searches for these attributes under the names COMMON_NAME and EMAIL_ADDR.