enrolepolicies.properties
The enrolepolicies.properties file provides standard and custom settings that support the functions of the provisioning policy.
Functions supported by this properties file includes:
- Specifying Java™ classes to process provisioning policy conflicts with join directives
- Specifying default and non-default join directive caching timeouts
- Declaring policy attributes to be ignored during policy compliance validation
A join directive is a set of rules that is used to determine how attributes are handled when a
provisioning policy conflicts with another. Join directives use logical constructs to resolve
conflicts. Examples include combining all policy attributes (union), with only common attributes
(intersection), and resolving conflicts with Boolean AND
or OR
logic.
There are 12 types of join directives that you can use. Provisioning policy join directives take effect when more than one provisioning policy is defined for the same user (or group of users) for the same target service, service instance, or service type.
enrolepolicies.properties
file. For example if you developed a new class
(com.abc.TextualEx
) to replace the existing class for textual joins, the
registration line is as follows:
provisioning.policy.join.Textual= com.abc.TextualEx
The enrolepolicies.properties properties page defines the properties used to configure IBM Verify Identity Governance policies.
enrolepolicies.properties properties
- Join directive classes
-
provisioning.policy.join.PrecedenceSequence=com.ibm.itim.policy.join. PrecedenceSequence provisioning.policy.join.Boolean=com.ibm.itim.policy.join.Boolean provisioning.policy.join.Bitwise=com.ibm.itim.policy.join.Bitwise provisioning.policy.join.Numeric=com.ibm.itim.policy.join.Numeric provisioning.policy.join.Textual=com.ibm.itim.policy.join.Textual provisioning.policy.join.Textual.AppendSeparator=<<<>>> provisioning.policy.join.Multivalued=com.ibm.itim.policy.join.Multivalued
- Append separator characters
provisioning.policy.join.Textual.AppendSeparator
- Join directive cache timeouts
provisioning.policy.join.defaultCacheTimeout