System information
Identity Manager Service Provider Edition Deployment
Page 180 Identity Manager 7.1 Update 1 • Release Notes
Link Confirmation Rule
A link confirmation rule eliminates any resource accounts from the list of potential accounts that
the link correlation rule selects. Given the view of the user and the list of candidate resource
accounts, a link confirmation rule selects at most one resource account from the candidate list. The
view of the user is visible under the 'view' path, while the list of candidates is available under the
'candidates' path.
If the link correlation rule selects no more than one resource account, the link confirmation rule is
optional.
A link confirmation rule must have the
authType
attribute set to
SPERule
with the
subtype
set to
SUBTYPE_SPE_LINK_CONFIRMATION_RULE
.
LighthouseContext API
Several convenience methods have been added to the
SessionFactory
class. The table on page 16
should be updated as follows.
NOTE Unlike Identity Manager confirmation rules, a link confirmation rule
is invoked only once during the linking process.
Connection Type Method Description
Local anonymous getServerInternalContext() Returns a fully authorized context without any
authentication.
Local authenticated getSPESession(String user,
EncryptedData password)
Constructs a session for the Service Provider
user interface.
Local authenticated getSPESession(Map credentials) Constructs a session for the Service Provider
user interface. The map specifies the
credentials of the user, including the values of
the user and password keys.
Local pre-authenticated getSPEPreAuthenticatedSession(Str
ing user)
Constructs a pre-authenticated session for the
Service Provider user interface.
Remote anonymous Not applicable This connection type is only available through
SPML.
Remote authenticated getSession(URL url, String user,
EncryptedData pass)
Returns an authenticated session.