The mapping rules are JavaScript code that run during the authentication
flow. Use the rules to customize the authentication service and the one-time password generation,
delivery, and verification.
Before you begin
Attention: Use extreme care when you replace mapping rules. Any change that you make to
a mapping rule can affect the entire runtime environment. Always export a copy of the original rule
you plan to replace so that you have a backup copy.
About this task
You can customize several components through JavaScript code. For example, you
can customize the Authentication Service to modify the content of user credential by modifying the
AuthSvcCredential mapping rule.
The JavaScript code is run by the Rhino JavaScript engine. Your
JavaScript code must conform to JavaScript 1.7. Your JavaScript code is not run under a browser
environment. Therefore, you cannot use objects and functions that are available only in a browser
environment. You can, however, use standard JavaScript objects (such as Math) and
functions (such as parseInt). In addition, your JavaScript code can use
white-listed Java classes, which you might need so that you can use operations that are not
supported by standard JavaScript functions. You can find the list of these Java classes at JavaScript whitelist. To find out more about using Java classes in JavaScript, see the Rhino documentation https://developer.mozilla.org/en/docs/Rhino.
Procedure
- Log in to the local management interface.
- Click Secure Access Control or Secure
Federation.
- Under Policy, click Authentication.
- Click Advanced.
- Take one of the following actions:
- View a mapping rule:
- Select a mapping rule.
- Click . The View Mapping Rule panel opens. The content of the mapping rule is
displayed.
- Click OK to close the panel.
- Export a mapping rule:
- Select a mapping rule.
- Click .
- Choose a location and save the file.
- Replace a mapping rule:
- Use an existing mapping rule as the basis for the updated mapping rule.
Attention: When you replace this file, an error in the JavaScript source might be found immediately after it
is replaced or it might not be found until the file is run.
- Select a mapping rule that you want to replace.
- Click . The Replace Mapping Rule panel opens.
- Click the field or the Browse button and select a file.
Attention: The name of the mapping rule cannot be replaced. The name of the uploaded file is
ignored.
- Click OK to upload the mapping rule.
What to do next
When you replace a mapping rule, the appliance displays a message that there
are undeployed changes. Deploy the changes when you are done. For more information, see
Deploying pending changes.