Defining resource attributes
To add a new resource attribute:
Navigate to the Resource attribute information page .
Type a unique ID and Description.
Select a Type .
Bravura Security Fabric refreshes the page and re-displays settings according to the type you selected. If JavaScript is not enabled for your browser, you must click Add to allow the page to refresh.
Set parameters as described in the table below.
Click Add, or Update.
Setting | Type | Description |
|---|---|---|
Minimum required number of values | All | A number greater than 1 means the attribute is required. |
Maximum allowed number of values | String, Integer | A number greater than 1 means that multiple values are allowed. |
Allow duplicate values | String, Integer | Determine whether the values for a multi-valued attribute must be unique. This does not apply to single-valued attributes. |
Changes made will invalidate authorizations | All | If an authorizer or requester changes a resource attribute value, any previous authorizations of a request are invalidated. Other authorizers are notified and need to re-authorize the request. If an authorizer or requester changes an entitlement attribute value, any previous authorizations of that entitlement are invalidated. Other authorizers are notified and need to re-authorize the request. This is useful where an attribute change can be an entitlement authorization period issue; for example, if AESOD set to a value of 30 days, and an authorizer changes the value to 60 days, the original request should be invalidated. |
Maximum field length | String, Integer, Password | Maximum length allowed for each value |
Notes | All | Help information for the attribute. Once set, it will be available in wizards by hovering over the question mark icon. |
Description of input values | String, Memo, Integer, Password | This is displayed to users to show them how to enter values for the attribute. For example, type |
Format requirement of input values | String, Password | For example, type NNNN-NN-NN to indicate a series of numbers. |
Regular expression used for validation of input values | String, Memo, Integer, Password | If you use a regular expression for validation the Description of input values is required. |
Plugin used to generate a list of restricted values | String, Integer | You can use a plug-in to supply one or more restricted values for an attribute. Leave this field blank to define restricted values manually. |
Display text for positive value | Boolean | The default is |
Display text for negative value | Boolean | The default is |
Display text for no value | Boolean | The default is |
Default values for the attribute | String, Integer, Boolean | Attributes can be set up with default values, so that unless a user intervenes and changes them, the default values are copied to the newly added resource. If you define restricted values for the attribute, you can select them from a drop-down list for this option. |
Encrypt this attribute in theda abase | All except User | Enable this to encrypt attribute values in the database. If encrypted, the attribute cannot be mapped to a group attribute. Certification reviewers must have appropriate permission to view encrypted attribute values; otherwise they are masked. |