do-set-sso-credential

The <do-set-sso-credential> action sets a credential on the object specified by <arg-dn> in the Single Sign On credential store specified by store-def-dn for the application specified by app-id. The credential information is specified by additional named <arg-string>'s. The number of the strings and the names used are dependent on the credential store and application for which the credential is targeted.

If the SSO provider returns any type of error, the error string will be available to the enclosing policy in the local variable named error.do-set-sso-credentialand will be the form: <4-Digit Number>:<Text Description>. Otherwise that local variable will be unavailable.

Example

<do-set-sso-credential app-id="AD7" store-def-dn="../Library/SSO1">
  <arg-dn>
    <token-parse-dn dest-dn-format="ldap" length="-1" src-dn-format="src-dn" start="0">
      <token-src-dn/>
    </token-parse-dn>
  </arg-dn>
  <arg-string name="username">
    <token-src-name/>
  </arg-string>
  <arg-string name="password">
    <token-local-variable name="generatedPassword"/>
  </arg-string>
</do-set-sso-credential>

1. Allowed Content

arg-dn
DN argument
arg-string
string argument

2. Attributes

AttributeValue(s)Default Value
app-def-dn CDATA
DN of the application credential definition object
only used by the UI so the various UI's should agree on the DN format used
#IMPLIED
app-id CDATA
application ID for the credential
supports variable expansion
#REQUIRED
disabled true   |  false
true if this element is disabled
false
notrace true   |  false
false
store-def-dn CDATA
slash form DN of the credential store definition object
may be relative to the including policy
supports variable expansion
#REQUIRED

3. Content Rule

( arg-dn , arg-string * )

4. Parent Elements

actions
  actions that are performed by a <rule>
arg-actions
  actions argument

Top Elements || All Elements || Tree


DirXMLScript DTD