AnsweredAssumed Answered

Role Expressions: Syntax for referencing user attributes

Question asked by Aspi on Nov 16, 2010
Latest reply on May 2, 2017 by Matt.Flannery
We are using Siteminder R12 SP3 and I need some help configuring a role for an application. Essentially I want to set a role based on a user attribute containing a specific string.

To achieve this, I have created a role and need help with the 'Membership Expression'.
The user attribute is called 'nsroledn' which is a multi-value attribute in LDAP, and I want to set this role if this attribute contains string 'cn=approle,dc=putnaminv,dc=com'.

None of these formats seem to work:
- (LCASE(<%userattr='nsroledn'%>) Contains 'cn=approle,dc=putnaminv,dc=com')
- (LCASE(%nsroledn) Contains 'cn=approle,dc=putnaminv,dc=com')
- (LCASE(nsroledn) Contains 'cn=approle,dc=putnaminv,dc=com')

What is the current syntax?

Aspi Engineer
Putnam Investments