Global Properties

The Global Properties are:

Resource Comparator

Specifies the resource comparator information used to compare resources specified in a Policy rule definition. Resource comparison is used for both policy creation and evaluation.

Click the Add button and define the following attributes:

Service Type

Specifies the service to which the comparator should be used.

Class

Defines the Java class that implements the resource comparison algorithm.

Delimiter

Specifies the delimiter to be used in the resource name.

Wildcard

Specifies the wildcard that can be defined in resource names.

One Level Wildcard

Matches zero or more characters, at the same delimiter boundary.

Case Sensitive

Specifies if the comparison of the two resources should consider or ignore case. False ignores case, True considers case.

Continue Evaluation on Deny Decision

Specifies whether or not the policy framework should continue evaluating subsequent policies, even if a DENY policy decision exists. If it is not selected (default), policy evaluation would skip subsequent policies once the DENY decision is recognized.

Advices Handleable by OpenSSO

Defines the names of policy advice keys for which the Policy Enforcement Point (Policy Agent) would redirect the user agent to OpenSSO Enterprise. If the agent receives a policy decision that does not allow access to a resource, but does posses advices, the agent checks to see whether it has a advice key listed in this attribute.

If such an advice is found, the user agent is redirected to OpenSSO Enterprise, potentially allowing the access to the resource.

Realm Alias Referrals

When set to Yes, this attribute allows you to create policies in sub-realms without having to create referral policies from the top-level or parent realm. You can only create policies to protect HTTP or HTTPS resources whose fully qualified hostname matches the DNSAlias of the realm. By default, this attribute is defined as No.