EIM Mapping Lookup Algorithm
The following algorithm is used when doing a mapping lookup using either Get EIM Target Identities from the Source (eimGetTargetFromSource) or Get EIM Target Identities and Credentials from the Source (eimGetTargetCredsFromSource) API.
- Check if both the source and target registries support mapping lookup operations. If not, return no data.
- Specific source association to target association
- Check for source associations to EIM identifier(s) using the specified source registry user name and source registry. If none is found, go to step 3.
- Check for target associations to the EIM identifier(s) using the specified target registry. If none are found, go to step 3.
- If additional information is specified, check if any of the target identities have the same additional information. If not, go to step 3.
- Return the target identity(ies) for the specified target registry.
- Specific source association to target association using source group registries
- Check if the specified source registry is a member of any group registries. If not, go to step 4.
- Repeat these steps for each group registry:
- Check if the group registry supports mapping lookup operations. If not, go to next group registry.
- Check for source associations to EIM identifier(s) using the specified source registry user name and the group registry name. If none are found, go to next group registry.
- Check for target associations to the EIM identifier(s) using the specified target registry. If none are found, go to next group registry.
- If additional information is specified, check if any of the target identities have the same additional information. If not, go to next group registry.
- Add the target identity(ies) for the specified target registry to the return list.
- If entries were added to the list, then return.
- Specific source association to target association using target group registries
- Check if the specified target registry is a member of any group registries. If not, go to step 5.
- Check for source associations to EIM identifier(s) using the specified source registry user name and source registry. If none are found, go to step 5.
- Repeat these steps for each group registry:
- Check if the group registry supports mapping lookup operations. If not, go to next group registry.
- Check for target associations to the EIM identifier(s) using the group registry name. If none are found, go to next group registry.
- If additional information is specified, check if any of the target identities have the same additional information. If not, go to next group registry.
- Add the target identity(ies) for the group registry name to the return list.
- If entries were added to the list, then return.
- Specific source association to target association using source and target group registries
- Check if the specified source registry is a member of any group registries. If not, go to step 6.
- Check if the specified target registry is a member of any group registries. If not, go to step 6.
- Repeat these steps for each source group registry:
- Check if the source group registry supports mapping lookup operations. If not, go to next source group registry.
- Check for source associations to EIM identifier(s) using the specified source registry user name and source group registry name. If none are found, go to next source group registry.
- Repeat these steps for each target group registry:
- Check if the target group registry supports mapping lookup operations. If not, go to next group registry.
- Check for target associations to the EIM identifier(s) using the target group registry name. If none are found, go to next target group registry.
- If additional information is specified, check if any of the target identities have the same additional information. If not, go to next target group registry.
- Add the target identity(ies) for the target group registry name to the return list.
- If entries were added to the list, then return.
- Check if the domain supports policy associations. If not, return no data.
- Check if the target registry supports policy associations. If not, return no data.
- Certificate filter policy associations
- Check if the source registry is an X.509 registry. If not, go to step 10.
- Check if there is a certificate policy filter value that matches the source identity. If not, go to step 10.
- Check for certificate filter policy associations for the certificate filter policy value to the target registry. If none are found, go to step 9.
- If additional information is specified, check if any of the target identities have the same additional information. If not, go to step 9.
- Return the target identity(ies) for the specified target registry.
- Certificate filter policy associations using target group registries
- Check if specified target registry is a member of any group registries. If not, go to step 10.
- Repeat these steps for each target group registry:
- Check if the target group registry supports policy associations. If not, go to next group registry.
- Check for certificate filter policy associations for the certificate filter policy value to the group registry. If none are found, go to next group registry.
- If additional information is specified, check if any of the target identities have the same additional information. If not, go to next group registry.
- Add the target identity(ies) for the group registry name to the return list.
- If entries were added to the list, then return.
- Default registry policy associations
- Check for default registry policy associations for the source registry to the target registry. If none are found, go to step 11.
- If additional information is specified, check if any of the target identities have the same additional information. If not, go to step 11.
- Return the target identity(ies) for the specified target registry.
- Default registry policy associations using source group registries
- Check if the specified source registry is a member of any group registries. If not, go to step 12.
- Repeat these steps for each group registry:
- Check if the group registry supports policy associations. If not, go to next group registry.
- Check for default registry policy associations for the group registry to the target registry. If none are found, go to next group registry.
- If additional information is specified, check if any of the target identities have the same additional information. If not, go to next group registry.
- Add the target identity(ies) for the specified target registry to the return list.
- If entries were added to the list, then return.
- Default registry policy associations using target group registries
- Check if the specified target registry is a member of any group registries. If not, go to step 13.
- Repeat these steps for each group registry:
- Check if the group registry supports policy associations. If not, go to next group registry.
- Check for default registry policy associations for the source registry to the group registry. If none are found, go to next group registry.
- If additional information is specified, check if any of the target identities have the same additional information. If not, go to next group registry.
- Add the target identity(ies) for the group registry name to the return list.
- If entries were added to the list, then return.
- Default registry policy associations using source and target group registries
- Check if the specified source registry is a member of any group registries. If not, go to step 14.
- Check if the specified target registry is a member of any group registries. If not, go to step 14.
- Repeat these steps for each source group registry:
- Check if the source group registry supports policy associations. If not, go to next source group registry.
- Repeat these steps for each target group registry:
- Check if the target group registry supports policy associations. If not, go to next group registry.
- Check for default registry policy associations for the source group registry to the target group registry. If none are found, go to next target group registry.
- If additional information is specified, check if any of the target identities have the same additional information. If not, go to next target group registry.
- Add the target identity(ies) for the target group registry name to the return list.
- If entries were added to the list, then return.
- Default domain policy associations
- Check for default domain policy associations to the target registry. If none are found, go to step 15.
- If additional information is specified, check if any of the target identities have the same additional information. If not, go to step 15.
- Return the target identity(ies) for the specified target registry.
- Default domain policy associations using target group registries
- Check if the specified target registry is a member of any group registries. If not, return no data.
- Repeat these steps for each group registry:
- Check if the group registry supports policy associations. If not, go to next group registry.
- Check for default domain policy associations to the group registry. If none are found, go to next group registry.
- If additional information is specified, check if any of the target identities have the same additional information. If not, go to next group registry.
- Add the target identity(ies) for the group registry name to the return list.
- Return to caller.
The following algorithm is used when doing a mapping lookup using either Get EIM Target Identities from the Identifier (eimGetTargetFromIdentifier) or Get EIM Target Identities and Credentials from the Identifier (eimGetTgtCredsFromIdentifier) API.
- Check if the target registry supports mapping lookup operations. If not, return no data.
- Specific target association to the identifier
- Check for target associations to the EIM identifier using the specified target registry. If none are found, go to step 3.
- If additional information is specified, check if any of the target identities have the same additional information. If not, go to step 3.
- Return the target identity(ies) for the specified target registry.
- Specific target association to the identifier using target group registries
- Check if the specified target registry is a member of any group registries. If not, go to step 4.
- Repeat these steps for each group registry:
- Check if the group registry supports mapping lookup operations. If not, go to next group registry.
- Check for target associations to the EIM identifier using the group registry. If none are found, go to next group registry.
- If additional information is specified, check if any of the target identities have the same additional information. If not, go to next group registry.
- Add the target identity(ies) for the specified target registry to the return list.
- If entries were added to the list, then return.
- Check if the domain supports policy associations. If not, return no data.
- Check if the target registry supports policy associations. If not, return no data.
- Default domain policy associations
- Check for default domain policy associations to the target registry. If none are found, go to step 7..
- If additional information is specified, check if any of the target identities have the same additional information. If not, go to step 7.
- Return the target identity(ies) for the specified target registry.
- Default domain policy associations using target group registries
- Check if the specified target registry is a member of any group registries. If not, return no data.
- Repeat these steps for each group registry:
- Check if the group registry supports policy associations. If not, go to next group registry.
- Check for default domain policy associations to the group registry. If none are found, go to next group registry.
- If additional information is specified, check if any of the target identities have the same additional information. If not, go to next group registry.
- Add the target identity(ies) for the group registry name to the return list.
- Return to caller.
[ Back to top | Security APIs | APIs by category ]