Previous Topic: Logical Attribute Handler Management Tabs

Next Topic: Logical Attribute Handler Tab: ForgottenPasswordHandler


Logical Attribute Handler Tab

The Create, Modify, and View Logical Attribute Handler task screens allow you to create logical attribute handlers, which are Java objects that process logical attribute data and are written using the Logical Attribute API. For example, using this screen, you can create a logical attribute handler that can convert physical attribute data from the user store into logical attribute data that can be displayed on the task screen.

To configure or view logical attribute handlers, specify or view the following settings:

Name

The name of the logical attribute handler (editable for new logical attribute handlers only).

Description

An optional description of the logical attribute handler.

Object Type

The type of managed object (GROUP, ORGANIZATION, or USER) that the logical attribute handler applies to. When tasks of the specified object type are created in the User Console, the associated logical attribute is available for inclusion on the task screen.

Class

The fully-qualified logical attribute handler class name--for example:

    com.netegrity.ims.adapters.ConfirmPasswordHandler

Logical Attributes

A logical attribute ID and name associated with this logical attribute handler, as follows:

Field

Description

Name

The unique ID of the logical attribute. Pass this value into the method getLogicalAttributeName() to retrieve the logical attribute name that corresponds to the ID.

Attribute Name

The name of the logical attribute. This is the name that an administrator sees in the User Console when creating a task screen and associating attribute names with task screen fields.

The logical attribute name must begin an end with vertical bars ( | )--for example:

|forcePasswordReset|

To add a logical attribute, specify values in the Name and Attribute Name fields, and then click the plus sign. After the logical attribute is added, select the appropriate check box(es) if the logical attribute is a multi-valued attribute or if it is used as an options list.

Physical Attributes

A physical attribute ID and name associated with this logical attribute handler, as follows:

Field

Description

Name

The unique ID of the physical attribute.

Attribute Name

The name of a physical attribute or a well-known attribute. With well-known attributes, the attribute name is enclosed in percent signs ( % )--for example:

%ENABLED_STATE%

In the directory.xml file, a physical attribute name and optionally, a well-known attribute name are mapped to a display name. In the task screen, the display name appears in the Attribute Name dropdown.

To add a physical attribute, specify values in the Name and Attribute Name fields, and then click the plus sign.

Physical attributes are attributes of the underlying data store (a user directory such as LDAP, the SiteMinder policy store, or a database). If a task screen field is configured with a physical attribute, a value entered into the field is ultimately written to the data store.

User Properties

Optional name/value pairs of data that are passed into the init() method of the logical attribute handler, to be used in any way that the handler’s business logic requires, as follows:

Field

Description

Property

User property name.

Value

Value of the user property.

To add a user property, specify values in the Property and Value fields, and then click the plus sign.