Web notification compliance plugins
Compliance plugins evaluate the attributes of a particular user and determine whether that user is compliant with the notification rule or not. Compliance plugins for web notifications also determine the text of the message to be delivered, and the link that is available on the User notifications (PSN) module page. Configure built-in plugins for web notifications by clicking the configure icon 
next to the plugin field.
Built-in plugins available for the Plugin to run to determine compliance require the following parameters:
Option | Description |
|---|---|
Common options: | |
Non-compliant users will be directed to this URL | This is where the user is directed to when they selects the message link on the User notifications (PSN) module page. Select Internal link for:
Select External link to direct the user to an external site. Select None for Query USERSTAT tag if you do not want the notification message to link to another site. |
Message to display to a non-compliant user | This message is displayed until the user becomes compliant or exceeds the maximum number of reminders. |
Message to display to a user who becomes compliant | After the user takes action and becomes compliant, Bravura Security Fabric displays this message the next time the user visits the Front-end or User notifications (PSN) module. Note: This message does not apply to the "Query USERSTAT tag" plugin. |
Message to display to a non-compliant user who has exceeded the maximum number of reminders | This message is displayed once the Number of reminders has been exceeded, and the user has not taken action. |
Password expiry options | |
Number of days before expiry that the user will be notified | Use comma-delimited values to set multiple notifications. |
Only calculate password expiry for accounts on these target systems | Select the target systems on which account password expiry will be calculated. By default it calculates on all target systems listed. |
If password on these target systems are set to not expire, do not send notifications | Select the target systems for which you do not want to send notification if the account has ”Password never expires” enabled. |
Exclude these targets from calculating password expiry | Select the target systems to exclude from notifications.This option can not be configured at the same time with Only calculate password expiry for accounts on these target systems. |
Query USERSTAT tag options | |
Tag | The name of the USERSTAT tag value to check. |
Comparison | Select the comparison rule to determine that the tag value Must or Must not:
|
Value | Type the value used to evaluate the tag, and select the value type. |
There are several built-in USERSTAT tags.
You can type messages in Message to display … fields in plain text, and include variables that expand to user-specific information. The available user-specific variables are listed in Adding user-specific variables in notification messages.
You can use m4 tag names to define more complex notification messages that use HTML code to enhance the presentation.
Tag | Description | Example |
|---|---|---|
LASTPSL | The last time the user used the Attach other accounts module. The time used is the authentication time of the session. | 2021-10-28 14:40:16 (UTC-06:00) |
LASTSKIN | The last skin the user used. | default |
LASTLANG | The last language the user used. | en-us |
LASTPWCHGMODULE | The last module used to reset the user's password. | pss,ida,idpm |
PSLDONE | The user has satisfied mandatory account requirements. This is defined by the per target system setting Users must have accounts, and the global system variable PSL_MIN_ACCOUNTS. The allowed value true is set by | true |
PSQDONE | The user has satisfied the security question requirement. The allowed value true is set by | true |