Authenticated User Mapping

You can use the authenticated user mapping module to map an authenticated user name to a different Security Access Manager user identity.

During the authentication process, Security Access Manager takes an XML representation of the authentication data and then evaluates the data against an XSLT rule to produce the appropriate user identity. The result is either a static user identity or an LDAP search string that you can use to locate the user identity. In addition, one or more attributes might be added to the generated credential for the user.

Note: The authenticated user mapping module cannot be invoked if an EAI authentication takes place, where a privileged attribute certificate (PAC) is supplied as the authentication data.
Parent topic: Advanced authentication methods
Related concepts:
Multiplexing proxy agents
Switch user authentication
Reauthentication
Authentication strength policy (step-up)
External authentication interface
Client Certificate User Mapping
External user mapping
Password strength