X509 Public Certificate Issuer: Retrieves the issuer field from the certificate, which is
the name of the certificate authority (CA) that issued the certificate.
X509 Public Certificate: Retrieves the entire certificate, Base64 encoded.
X509 Serial Number: Retrieves the serial number of the certificate.
SAML Credential: If your users authenticate using a SAML assertion, select this option.
Comparison: Select one of the following types:
Comparison: String: Specifies that you want the values compared as strings and how you
want the string values compared. Select one of the following:
Equals: Indicates that the values must match, letter for letter.
Starts with: Indicates that the Credential Profile value must begin with the letters
specified in the Value field.
Ends with: Indicates that the Credential Profile value must end with the letters specified
in the Value field.
Contains Substring: Indicates that the Credential Profile value must contain the letters,
in the same sequence, as specified in the Value field.
Comparison: Regular Expression: Matches: Specifies that you want the values compared as
regular expressions.
Mode: Select the mode appropriate for the comparison type:
Comparison: String: Specify whether case is important by selecting Case Sensitive or Case
Insensitive.
Comparison: Regular Expression: Matches: Select one or more of the following:
Canonical Equivalence
Case Insensitive
Comments
Dot All
Multi-Line
Unicode
Unix Lines
For regular expression syntax information, see the Javadoc for java.util.regex.Pattern.
Value: Specify the second value for the comparison. Select one of the following data types:
LDAP Attribute: If you have an LDAP attribute that corresponds to the Credential Profile you
have specified, select this option and the attribute.
Liberty User Profile: If you have a Liberty User Profile attribute that corresponds to the
Credential Profile you have specified, select this option and the attribute.
92
Novell Access Manager 3.1 SP2 Policy Guide