Sun Java System Access Manager 7.1 Administration Guide

Creating Policies for Peer Realms and Sub Realms

In order to create policies for peer or sub realms, you must first create a referral policy in the parent (or another peer) realm. The referral policy must contain, in its rule definition, the resource prefix that is being managed by the sub realm. Once the referral policy is created in the parent realm (or another peer realm) normal policies can be created at the sub realm (or peer realm).

In this example, o=isp is the parent realm and is the sub realm that manages resources and sub-resources of

ProcedureTo Create a Policy for a Sub Realm

  1. Create a referral policy at o=isp. For information on referral policies, see the procedure Modifying a Referral Policy.

    The referral policy must define as the resource in the rule, and must contain a SubRealmReferral with as the value in the referral.

  2. Navigate to the sub realm

  3. Now that the resource is referred to by isp, normal policies can be created for the resource , or for any resource starting with .

    To define policies for other resources managed by, additional referral policies must be created at o=isp.