Table of Contents
Advertisement
Table 11-2 Attributes supported by request object implementations (Continued)
Request type
Variable name
Enrollment
cepsubstore
Enrollment,
requestStatus
Renewal, and
Revocation
Renewal
requestFormat
Default attributes from an authentication token:
(Upon successful authentication these attributes go into an enrollment request)
Enrollment
authMgrImplName
Enrollment
authMgrInstName
You can define your own attributes for predicates, if there's a need. For example,
assume you have two organizational units Sales and Manufacturing and you want
to issue client certificates with different validity periods to users in these two units.
A quick and easy way to accomplish this would be to define a new attribute for the
organizational unit, add the attribute to the enrollment form that the users in these
organizational units use for certificate enrollment (so that the server receives it
from the HTTP input), and use the attribute in the predicate expression for the
validity constraints policy—a policy rule that determines the validity period of
certificates the server issues. For details on this policy, see "ValidityConstraints,"
on page 508.
Note that to define a new attribute in any of the HTML forms, all you need to do is
to add the following line to the corresponding HTML form:
<input type="HIDDEN" name="attribute_name" value="attribute_value">
Description
Specifies the name of the CEP service; for example, cep1 and
cep2. When setting up multiple CEP services, you can use
predicates to differentiate one service for another; see "CEP
Enrollment" on page 414.
Specifies when (or the phase in which) a request gets
subjected to policy processing:
• begin specifies that the request be subjected to a policy
before it gets queued for agent approval.
• pending specifies that the request be subjected to a
policy after agent approval.
Specifies the certificate request format. Default values
include the following:
• clientAuth
• pkcs10
Specifies the name of the authentication plug-in module that
authenticated the request.
Specifies the name of the authentication instance that
authenticated the request.
Introduction to Policy
Chapter 11
Policies
489
Advertisement
Table of Contents
Related Manuals for Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - ADMINISTRATOR
Related Products for Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - ADMINISTRATOR
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - CUSTOMIZATION
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - PLUG-IN
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - CUSTOMIZATION
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - PLUG-IN
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - ADMINISTRATOR
- Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - CUSTOMIZATION GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - PLUG-IN