3. Content Rule
( arg-dn , arg-string * )
The <do-clear-sso-credential> action clears a credential from the object specified by <arg-dn> in the Single Sign On credential store specified by store-def-dn for the application specified by app-id. Additional information about the credential to be cleared may be specified by additional named <arg-string>'s. The number of the strings and the names used are dependent on the credential store and application for which the credential is targeted.
If the SSO provider returns any type of error, the error string will be available to the enclosing policy in the local variable named error.do-clear-sso-credentialand will be the form: <4-Digit Number>:<Text Description>. Otherwise that local variable will be unavailable.
<do-clear-sso-credential app-id="AD7" store-def-dn="../Library/SSO1">
<arg-dn>
<token-parse-dn dest-dn-format="ldap" length="-1" src-dn-format="src-dn" start="0">
<token-src-dn/>
</token-parse-dn>
</arg-dn>
</do-clear-sso-credential>
- arg-dn
- DN argument
- arg-string
- string argument
Attribute Value(s) Default Value app-def-dn CDATA
DN of the application credential definition object
only used by the UI so the various UI's should agree on the DN format used
#IMPLIED app-id CDATA
application ID for the credential
supports variable expansion#REQUIRED disabled true | false
true if this element is disabledfalse notrace true | false
false store-def-dn CDATA
slash form DN of the credential store definition object
may be relative to the including policy
supports variable expansion#REQUIRED
( arg-dn , arg-string * )
- actions
- actions that are performed by a <rule>
- arg-actions
- actions argument
Top Elements || All Elements || Tree