Note: this component stores cluster-wide configuration data and is mirrored across all servers in the topology within the the same cluster.
Note: changes to cluster-wide configuration objects are immediately and automatically mirrored across all servers within the same cluster, so offline changes are not supported.
Advice that allows a policy writer to modify attributes of a request or response body based on policy decisions.
The payload for this advice is a JSON object. Each key on the object will be interpreted as a JSONPath, and the attribute at that path will be given a value of the object's value at that key.
For example, given a body of {"foo": "bar", "a": "b"} and a payload of {"$.a": "c"}, the resulting body will be {"foo": "bar", "a": "c"}.
This advice may create an attribute, if its enclosing object or array already exists. For example, given a body of {"foo": {"bar": "baz"}, "a": "b"} and a payload of {"$.foo.foo", "foobar"}, the resulting object will be {"foo: {"bar: "baz", "foo": "foobar"}, "a": "b"}.
However, if the enclosing object does not exist, the path will be ignored, as with a body of {"foo: "bar", "x": "y"} and a payload of {"$.x.y.z", "foo"}.
This advice cannot be used on a SCIM "modify" request.
↓Parent Component
↓Properties
↓dsconfig Usage
The Modify Attributes Advice component inherits from the Advice
The properties supported by this managed object are as follows:
| Basic Properties: | Advanced Properties: |
|---|---|
| ↓ advice-id | None |
| ↓ decision-type | |
| ↓ evaluation-order-index |
| Description | A unique identifier for the advice type. This ID must match the "code" string returned from a policy decision request. |
| Default Value | modify-attributes |
| Allowed Values | A string |
| Multi-Valued | No |
| Required | Yes |
| Admin Action Required | None. Modification requires no further action |
| Description | A value indicating to what type of decisions this advice should be applied. |
| Default Value | PERMIT DENY |
| Allowed Values | PERMIT - Only applied to PERMIT decisions. DENY - Only applied to DENY decisions. |
| Multi-Valued | Yes |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
evaluation-order-index (Read-Only)
| Description | If multiple Modify Attributes Advice are returned from a single policy request, then this property governs the order in which the Modify Attributes Advice will be processed by the Policy Enforcement Point. Obligatory Modify Attributes Advice are processed first. Within the set of obligatory or non-obligatory Modify Attributes Advice, those with a smaller evaluation-order-index will be evaluated first. If multiple Modify Attributes Advice have the same evaluation-order-index, then their order of evaluation is indeterminate. |
| Default Value | 5 |
| Allowed Values | An integer value. Lower limit is 0. |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
To list the configured Advice:
dsconfig list-advice
[--property {propertyName}] ...
To view the configuration for an existing Advice:
dsconfig get-advice-prop
--advice-name {name}
[--tab-delimited]
[--script-friendly]
[--property {propertyName}] ...
To update the configuration for an existing Advice:
dsconfig set-advice-prop
--advice-name {name}
(--set|--add|--remove) {propertyName}:{propertyValue}
[(--set|--add|--remove) {propertyName}:{propertyValue}] ...