Authentication Rules

Follow

An Attribute/Authentication rule can be specified to allow/restrict  access to this Service Provider dependant upon the attributes of the  authenticated user.  Any number of conditions can be specified and one complex condition, being a nested sub-set of attribute conditions, can be specified per Service Provider.

Attribute(Authentication) Rule Edit

To create/edit and delete conditions work in the Edit  tab. The main operator is applied to all conditions. A complex condition can specify it's own operator that applies only to the complex  condition attribute list. Functions alter depending upon the type of the attribute that is  selected: enumeration, single or multiple for instance.  The value input field is hidden when not applicable.

Attribute(Authentication) Rule View

The Code View shows how the Attribute Rule will be evaluated.

The result of specifying authorizations for a Service Provider can be seen by navigating to the Admin Portal SP Log-In page, or any other  application, and attempt to log in.  The user will not be able to login  if the criteria specified in the authorizations are not met.

Nested Rule 1

This operation is used to set the Attribute conditions that need to be satisfied before the said Service Provider can be accessed(All set conditions must be met)

  • Click Service Providers under Administration
  • Click the Authorization icon adjacent to the SP that you want to    set the Attribute(s) conditions
  • Click on Authentication Rule on the left sidebar under Service Providers
  • Select the operator AND from field When, and set the necessary parameters(eg. Administrator Access - Equals - Yes
  • Click on button Add Simple Condition, and set further parameters(eg. First Name - Equals - Francis
  • Click button Add Complex Condition, and select operator OR 
  • Click buton Add Simple Condition and set the necessary parameters(eg. Last Name - Equals - East), and click button Save & Close
  • Go back to the Admin Log-In page, or any other Application for that matter and attempt to login

Nested Rule 2

This operation is used to set the Attribute conditions that need to be satisfied before the said Service Provider can be accessed(All set conditions for the AND Rule must be met, with at least one condition from the OR condition)

  • Select the operator AND from field When, and set the necessary parameters(eg. Administrator Access - Equals - Yes
  • Click on button Add Simple Condition, and set further parameters(eg. Last Name - Equals - Francis
  • Click button Add Complex Condition, and select operator OR 
  • Click buton Add Simple Condition and set the necessary parameters(eg. Last Name - IsEmpty), and click button Save & Close
  • Go back to the Admin Log-In page, or any other Application for that matter and attempt to login

OR Rule

This operation is used to set the Attribute conditions that need to be satisfied before the said Service Provider  can be accessed(At least one of the set conditions must be met)

  • Select the operator OR from field When, and set the necessary parameters(eg. Administrator Access - Equals - Yes )
  • Click on button Add Simple Condition, and set further parameters(eg. First Name - Equals - East )
  • Click button Save & Close
  • Go back to the Admin Log-In page, or any other Application for that matter and attempt to login

AND Rule(Equals)

This operation is used to set the Attribute conditions that need to be satisfied before the said Service Provider can be accessed(All set conditions must be met)

  • Select the operator AND from field When, and set the necessary parameters(eg. Administrator Access - Equals - Yes )
  • Click on button Add Simple Condition, and set further parameters(eg. First Name - Equals - East )
  • Click button Save & Close
  • Go back to the Admin Log-In page, or any other Application for that matter and attempt to login

AND Rule(Equals Not)

If the Attribute conditions here are met then User will be unable to  access the Admin Portal or any other Application for that matter

  • Select the operator AND from the drop down list for field When, and set the necessary parameters(eg. Administrator Access - Equals - Yes)
  • Cick on button Add Simple Condition, and set further parameters(eg. First Name - Equals Not - Francis, the value Francis should match the value/item for the field of the User in question)
  • Go back to the Admin Log-In page, or any other Application for that matter and attempt to login

AND Rule(Contains)

This operation is used to set the Attribute conditions that need to be satisfied before the said Service Provider can be accessed(All set conditions must be met)

  • Select the operator AND from the drop down list for field When, and set the necessary parameters(eg. Administrator Access - Equals - Yes)
  • Click on button Add Simple Condition, and set further parameters(eg. First Name - Contains - Francis, the value Francis should match one of the values/items for the field of the User in question)
  • Go back to the Admin Log-In page, or any other Application for that matter and attempt to login

AND Rule(Contains Not)

If the Attribute conditions here are met then User will be unable to  access the Admin Portal or any other Application for that matter

  • Select the operator AND from the drop down list for field When, and set the necessary parameters(eg. Administrator Access - Equals - Yes)
  • •   Click on button Add Simple Condition, and set further parameters(eg. First Name - Contains Not - Francis, the value Francis should match one of the values/items for the field of the User in question)
  • Go back to the Admin Log-In page, or any other Application for that matter and attempt to login

AND Rule(Equals Ignore Case)

This operation is used to set the Attribute conditions that need to be satisfied before the said Service Provider can be accessed(All set conditions must be met)

  • Select the operator AND from the drop down list for field When, and set the necessary parameters(eg. Administrator Access - Equals - Yes)
  • Click on button Add Simple Condition, and set further parameters(eg. First Name - Equals Ignore Case - francis, the value Francis for the field of the User in question should have a combination of both lower and uppercase characters)
  • Go back to the Admin Log-In page, or any other Application for that matter and attempt to login

AND Rule(Equals Not Ignore Case)

If the Attribute conditions here are met then User will be unable to  access the Admin Portal or any other Application for that matter

  • Select the operator AND from the drop down list for field When, and set the necessary parameters(eg. Administrator Access - Equals - Yes)
  • •   Click on button Add Simple Condition, and set further parameters(eg. First Name - Equals Not Ignore Case - francis, the value Francis for the field of the User in question should have a combination of both lower and uppercase characters)
  • Go back to the Admin Log-In page, or any other Application for that matter and attempt to login

AND Rule(Ends With)

This operation is used to set the Attribute conditions that need to be satisfied before the said Service Provider can be accessed(All set conditions must be met)

  • Select the operator AND from the drop down list for field When, and set the necessary parameters(eg. Administrator Access - Equals - Yes)
  • Click on button Add Simple Condition, and set further parameters(eg. First Name - Ends With - Be, the value for the field of the User in question should end with the suffix Be for example, Francis Be)
  • Go back to the Admin Log-In page, or any other Application for that matter and attempt to login

AND Rule(Ends Not With)

If the Attribute conditions here are met then User will be unable to  access the Admin Portal or any other Application for that matter

  • Select the operator AND from the drop down list for field When, and set the necessary parameters(eg. Administrator Access - Equals - Yes)
  • Click on button Add Simple Condition, and set further parameters(eg. First Name - Ends Not With - Be, the value for the field of the User in question should end with the suffix Be for example, Francis Be)

  • Go back to the Admin Log-In page, or any other Application for that matter and attempt to login

AND Rule(Starts With)

This operation is used to set the Attribute conditions that need to be satisfied before the said Service Provider can be accessed(All set conditions must be met)

  • Select the operator AND from the drop down list for field When, and set the necessary parameters(eg. Administrator Access - Equals - Yes)
  • Click on button Add Simple Condition, and set further parameters(eg. First Name - Starts With - Be, the value for the field of the User in question should start with the prefix Be for example, Be Francis)
  • Go back to the Admin Log-In page, or any other Application for that matter and attempt to login

AND Rule(Starts Not With)

If the Attribute conditions here are met then User will be unable to  access the Admin Portal or any other Application for that matter

  • Select the operator AND from the drop down list for field When, and set the necessary parameters(eg. Administrator Access - Equals - Yes)
  • Click on button Add Simple Condition, and set further parameters(eg. First Name - Ends Not With - Be, the value for the field of the User in question should end with the suffix Be for example, Francis Be)
  • Go back to the Admin Log-In page, or any other Application for that matter and attempt to login

AND Rule(Regular Expression)

This operation is used to set the Attribute conditions that need to be satisfied before the said Service Provider can be accessed(All set conditions must be met)

  • Select the operator AND from the drop down list for field When, and set the necessary parameters(eg. Administrator Access - Equals - Yes)
  • Click on button Add Simple Condition, and set further parameters(eg. First Name - Matches - Organisa.tion(the character in between the letters A and T is a dot)(.), this implies that there can be any character in between letters A and T for the value for the field of the User in question, for example,  organisaution)
  • Go back to the Admin Log-In page, or any other Application for that matter and attempt to login

AND Rule(Greater Than)

This operation is used to set the Attribute conditions that need to be satisfied before the said Service Provider can be accessed(All set conditions must be met)

  • Select the operator AND from the drop down list for field When, and set the necessary parameters(eg. Administrator Access - Equals - Yes)
  • Click on button Add Simple Condition, and set further parameters(eg. First Name - Greater Than - be, the value for the field of the User in question should be bec)
  • Go back to the Admin Log-In page, or any other Application for that matter and attempt to login

AND Rule(Greater Than Ignore Case)

This operation is used to set the Attribute conditions that need to be satisfied before the said Service Provider can be accessed(All set conditions must be met)

  • Select the operator AND from the drop down list for field When, and set the necessary parameters(eg. Administrator Access - Equals - Yes)
  • Click on button Add Simple Condition, and set further parameters(eg. First Name - Greater Than Ignore Case - be, the value for the field of the User in question should be Bec)
  • Go back to the Admin Log-In page, or any other Application for that matter and attempt to login

AND Rule(Less Than)

This operation is used to set the Attribute conditions that need to be satisfied before the said Service Provider can be accessed(All set conditions must be met)

  • Select the operator AND from the drop down list for field When, and set the necessary parameters(eg. Administrator Access - Equals - Yes)
  • Click on button Add Simple Condition, and set further parameters(eg. First Name - Less Than - be, the value for the field of the User in question should be abe)
  • Go back to the Admin Log-In page, or any other Application for that matter and attempt to login

AND Rule(Less Than Ignore Case)

This operation is used to set the Attribute conditions that need to be satisfied before the said Service Provider can be accessed(All set conditions must be met)

  • Select the operator AND from the drop down list for field When, and set the necessary parameters(eg. Administrator Access - Equals - Yes)
  • Click on button Add Simple Condition, and set further parameters(eg. First Name - Less Than Ignore Case - be, the value for the field of the User in question should be Abe)
  • Go back to the Admin Log-In page, or any other Application for that matter and attempt to login

Have more questions? Submit a request

Comments