Hi Team,
We have a requirement to match the requested resource (fetched via user context and stores in a variable name RequestedResource) with a multi-value attribute in CA directory that stores 4-5 resource. Please see below for details.
Variable Name: RequestedResource
Variable Value: Requested resource value fetched from the user context
Example: If the requested resource is https://domain:port/abc/xyz, the requested resource will contain /abc/xyz
LDAP attribute Name: MiddleName (multi-valued)
Attribute value: /xyz/abc^/xyz/pqr^/xyz/pqr/abc^/abc (4 resources - /xyz/abc, /xyz/pqr, /xyz/pqr/abc, /abc)
We want to authorize user when the MiddleName contains the RequestedResource. This is the requirement.
If the MiddleName is not multivalued, we are able to achieve this by using condition RequestedResource==MiddleName in the expression tab. But if the MiddleName is multivalued, it doesn't work.
Also, we are unable to use the variable RequestedResource in the users tab as condition in the policy.
Can any one let us know how to use a variable in the users tab as condition in the policy?
Any suggestions in order to achieve this requirement?
Thanks in advance,
Shivam