Configuring an Info Map authentication mechanism

Use this mechanism in your policy to return a template form and perform validation on the responding POST data. This mechanism is intended to work in conjunction with the Email Message mechanism.

About this task

The Info Map mechanism can be used to implement JavaScript authentication mechanisms. When this mechanism is invoked, the configured JavaScript mapping rule will be run.

  • If the rule returns FALSE, then a page will be returned to the user. The JavaScript can also define which page to return or it can use a preconfigured page. The JavaScript can also populate any macros on the page and modify what is displayed to the user.
  • If the rule returns TRUE, then the mechanism will return success and the policy will continue.

The following parameters are available in an Info Map mapping rule:

Context

This is an authentication service context. It is identical to what is provided in the Authentication Service Credential mapping rule. For more information about how to use the context, see the context attributes section of Authentication policy parameters and credentials.

Use the context to make changes to the credential and the values that the Email Message mechanism will display.

State

A state map that is used for the lifetime of this mechanism invocation.

Note: Each instance of this mechanism will have a new state map created per invocation of the policy. If the user invokes the policy again, the state map will be empty because the state map is discarded when the rule returns TRUE.
Page

The path to the page to be returned. By default, this parameter is set to the value that is configured in the mechanism properties. It can be modified to return a different page.

Macros

A map of macros that will be populated on the returned page.

Success

Indicates whether the rule execution was successful. This parameter is set to TRUE if the rule was successful and the policy will continue. It is set to FALSE if the rule was not successful and a page will be returned to a user.

Procedure

  1. Log in to the local management interface.
  2. Click Secure Access Control.
  3. Under Policy, click Authentication.
  4. Click Mechanisms.
  5. Click Info Map Authentication.
  6. In the New Authentication Mechanism window, set the name and identifier of the mechanism on the General tab. If you are modifying an existing Info Map authentication mechanism instead of creating a new instance, values on the General tab cannot be changed.
  7. Click the Properties tab.
    1. Select a property that you want to configure.
    2. Click Modify Property.
    3. Enter the value for that property.
      Template Page
      This property defines the HTML template page.
      Mapping Rule
      Select a mapping rule from the list. Only JavaScript mapping rules in the InfoMap category are displayed in the list for selection.
    4. Click OK.
    5. Repeat the previous steps as needed.
  8. Click Save.

What to do next

After you have configured the mechanism, a message that indicates the changes are not deployed will be displayed. Deploy the changes when you are finished. For more information, see Deploying pending changes.

After deploying the changes, you can create policies that include this mechanism. For more information, see Creating an authentication policy.