To Add or Modify a Rule to a Referral Policy

1. If you have already created the policy, click the name of the policy for which you wish to add the rule. If not, see To Create a Referral Policy With the Access Manager Console.

2. Under the Rules list, click New.

3. Select one of the following default service types for the rule. You may see a larger list if more services are enabled for the policy:

   Discovery Service

   Defines the authorization actions for Discovery service query and modify protocol invocations by web services clients for a specified resource.

   Liberty Personal Profile Service

   Defines the authorization actions for Liberty Personal Profile service query and modify protocol invocations by web services clients for a specified resource.

   URL Policy Agent

   Provides the URL Policy Agent service for policy enforcement. This service allows administrators to create and manage policies through a policy enforcer or policy agent.

4. Click Next.

5. Enter a name and resource name for the rule.

   Currently, Policy Agents only support http:// and https:// resources and do not support IP addresses in place of the hostname.

   Wildcards are supported for resource names, port number, and protocol. For example:

   http://*:*/*.html

   For the URL Policy Agent service, if a port number is not entered, the default port number is 80 for http://, and 443 for https://.

   To allow the management of resource for all servers installed on a specific machine, you can define the resource as http://host*:*. Additionally, you can define the following resource to grant an administrator to a specific organization authority for all of the services in that organization:

   http://*.subdomain.domain.topleveldomain

6. Click Finish.