Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Creating a Custom Expression for an Authentication Server (NSM Procedure)

    Custom expressions are strings that are made up of variables, operators, and subexpressions all concatenated together. These operators and variables are provided through an expressions dictionary.

    To create a custom expression for an authentication server:

    1. In the NSM navigation tree, select Device Manager > Devices.
    2. Click the Device Tree tab, and then double-click the Infranet Controller for which you want to configure a server catalog.
    3. Click the Configuration tab. In the configuration tree, select Authentication > Auth Servers.
    4. Add or modify an auth server instance and then select Server Catalog. The Expressions tab appears.
    5. Click New (+) to create a custom expression. The Custom Expression editor appears. On the left side of the editor is the Expression Dictionary, which includes the following custom expression building blocks:
      • Logical Operators: This node consists of logical operators that are used to build expressions. Select a logical operator and click the Insert Expression button to insert logical operators in expressions.
      • Prebuilt Expressions: This node consists of expressions that function as templates for custom expressions. Select a prebuilt expression and click the Insert Expression button. The prebuilt expression is displayed in the Expression area. Modify the values to create your own custom expression.
      • Variables: This node consists of variables. When a variable is selected, the conditional operators that can be applied to this variable are listed in the center of the Custom Expressions editor. Also, some variables have extensions that are displayed in the drop-down list next to the variable. Double-click a variable to display its description and example usage. Click the example variable to insert it in the Expression area.
      • Your Expressions: This node consists of expressions that you created for a particular server catalog. To reuse an existing expression, select the expression and click the Insert Expression button.

      Note: Refer to the Juniper Networks Unified Access Control Administration Guide for more information on variables and writing custom expressions.

    6. Enter a name for the custom expression.
    7. Select a variable or prebuilt expression from the Custom Dictionary, and click Insert Expression. The expression is displayed in the Expression area on the right side of the Custom Expression editor. The conditional operators can be selected only after a leaf node is selected.
    8. Click the Validate button to validate the expression. The expression is validated by the device and the validation status appears.

      Note: You can create a custom expression in a device template, but you cannot validate the custom expression. The Validate button is not enabled in the Custom Expressions editor of device templates.

    9. Click OK to save the custom expression. The new custom expression is displayed under the Expressions tab of the server catalog.
    10. Click OK to save the auth server settings.

    Published: 2012-11-28