UnboundID Identity Broker - Third Party Policy Information Provider

Identity Broker Documentation Index
Configuration Reference Home

Third Party Policy Information Provider

Note: this component is designated "advanced", which means that objects of this type are not expected to be created or altered in most environments. If you believe that such a change is necessary, you may want to contact UnboundID support in order to understand the potential impact of that change.

Third Party Policy Information Provider support Policy Information Provider implementations created in third-party code using the UnboundID server SDK.

↓Parent Component
↓Properties
↓dsconfig Usage

Parent Component

The Third Party Policy Information Provider component inherits from the Policy Information Provider

Properties

The properties supported by this managed object are as follows:

Basic Properties:	Advanced Properties:
↓ description	None
↓ enabled
↓ xacml-attribute-id
↓ evaluation-order-index
↓ extension-class
↓ extension-argument

Basic Properties

description

Description	A description for this Policy Information Provider
Default Value	None
Allowed Values	A string
Multi-Valued	No
Required	No
Admin Action Required	None. Modification requires no further action

enabled

Description	Indicates whether this Policy Information Provider is enabled for use in Identity Broker.
Default Value	None
Allowed Values	true false
Multi-Valued	No
Required	Yes
Admin Action Required	None. Modification requires no further action

xacml-attribute-id

Description	Specifies the XACML attribute identifiers that can be resolved by this Policy Information Provider. Each instance of this property may be either a specific attribute identifier (URI) as would be specified in a XACML policy, or a prefix that encompasses a family of such attributes. To be evaluated as a prefix, the attribute name must end with ":", for example urn:xxx:yyy:zzz:".
Default Value	None
Allowed Values	A string
Multi-Valued	Yes
Required	Yes
Admin Action Required	None. Modification requires no further action

evaluation-order-index

Description	When multiple Policy Information Providers are defined for a single Identity Broker, this property determines the evaluation order for determining the correct provider class for a specified XACML attribute. Values of this property must be unique among all Policy Information Providers defined within Identity Broker but not necessarily contiguous. Policy Information Providers with a smaller value will be evaluated first to determine if they match a XACML attribute Id. If the inclusion criteria of the Policy Information Providers are non-overlapping, i.e. no entry will match more than one Policy Information Provider, then the values for this property are unimportant.
Default Value	None
Allowed Values	An integer value. Lower limit is 0.
Multi-Valued	No
Required	Yes
Admin Action Required	None. Modification requires no further action

extension-class (Read-Only)

Description	The fully-qualified name of the Java class providing the logic for the Third Party Policy Information Provider.
Default Value	None
Allowed Values	The fully-qualified name of a Java class that extends or implements com.unboundid.directory.sdk.broker.api.PolicyInformationProvider
Multi-Valued	No
Required	Yes
Admin Action Required	None. Modification requires no further action

extension-argument

Description	The set of arguments used to customize the behavior for the Third Party Policy Information Provider. Each configuration property should be given in the form 'name=value'.
Default Value	None
Allowed Values	A string
Multi-Valued	Yes
Required	No
Admin Action Required	None. Modification requires no further action

dsconfig Usage

To list the configured Policy Information Providers:

dsconfig list-policy-information-providers
     [--property {propertyName}] ...

To view the configuration for an existing Policy Information Provider:

dsconfig get-policy-information-provider-prop
     --provider-name {name}
     [--tab-delimited]
     [--script-friendly]
     [--property {propertyName}] ...

To update the configuration for an existing Policy Information Provider:

dsconfig set-policy-information-provider-prop
     --provider-name {name}
     (--set|--add|--remove) {propertyName}:{propertyValue}
     [(--set|--add|--remove) {propertyName}:{propertyValue}] ...

To create a new Third Party Policy Information Provider:

dsconfig create-policy-information-provider
     --provider-name {name}
     --type third-party
     --set enabled:{propertyValue}
     --set xacml-attribute-id:{propertyValue}
     --set evaluation-order-index:{propertyValue}
     --set extension-class:{propertyValue}
     [--set {propertyName}:{propertyValue}] ...

To delete an existing Policy Information Provider:

dsconfig delete-policy-information-provider
     --provider-name {name}