Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation  Back up to About Overview 
  
[+] Expand All
[-] Collapse All

Attribute Filter Script Examples

Example 1: Using an LDAP Query to Select a Static Filter to Execute

This example uses the same LDAP repository as Example 4: Conditional Profile Assignment from User Attribute. In this case, the value of the Employee-Type attribute is used to select the name of a statically-defined filter that is returned as the result from the script. If an unknown Employee-Type is returned, no static filter is executed, but the script modifies the Service-Type attribute programmatically.

Here is the LDAP accessor .gen file:

[Bootstrap]LibraryName=ldapaccessor.dllEnable=1 [Settings]MethodName=FilterExample1Timeout=20ConnectTimeout=25QueryTimeout=10WaitReconnect=2MaxWaitReconnect=360UpperCaseName = 0SSL = 0Search = FindUser [Server]s1= [Server/s1]Host=<server-name>Port = 389BindName=uid=admin, ou=Administrators, ou=TopologyManagement, o=NetscapeRootBindPassword=<password> [Request]User-Name=my-user-name [Response]Employee-Type=employeetype [Attributes/UserAttributes]employeetype [Search/FindUser]Base=ou=people,dc=bigco,dc=comScope = 2Filter = uid=<my-user-name>Attributes = UserAttributesTimeout = 20%DN = dn [VariableTypes]User-Name = stringEmployee-Type = string

Here is the .jsi file for an outbound filter script:

[Settings]LogLevel = 2ScriptTraceLevel = 0 [Script]// Initialization block
if (!this.initialized) { filter = new AttributeFilter(); accessor = new DataAccessor("FilterExample1"); initialized = true;}
else { accessor.Clear();}
 // Get the employee type from the username and set accessor input variable.var username = filter.Get("User-Name");accessor.SetInputVariable("User-Name", username); // Execute the accessor.
if (accessor.Execute() == DataAccessor.FOUND) { // Get the employee type from the query result. var type = accessor.GetOutputVariable("Employee-Type"); if (type == null) { SbrWriteToLog("FilterExample1: accessor returned null employee type"); return SCRIPT_RET_FAILURE;}  // For known employee types, return name of built-in filter to execute. switch (type) { case "Student":    return "StudentFilter"; case "Faculty":    return "FacultyFilter"; case "Vendor":    return "VendorFilter"; default:    SbrWriteToLog("FilterExample1: unknown employee type '" + type + "'");}}
 // Unknown employee type -- change Service-Type to Authenticate-Only.filter.Replace("Service-Type", 8); // Return successfully, but do not execute a built-in filter.return SCRIPT_RET_SUCCESS; [ScriptTrace]var = usernamevar = type

Example 2: Adding Values to Multi-Valued Attributes

This example demonstrates the difference between adding values to orderable and non-orderable multi-valued attributes. The script is configured as an inbound filter. A profile is created to assign three unique Reply-Message and three unique Filter-Id attribute value strings to the response attribute list. Subsequently, the script adds four new values to each attribute, two of them unique and two of them duplicates. All attribute values are printed to the server log before and after the new values are added. Because the Reply-Message attribute is orderable, the new values are concatenated to the value list and the duplicates are preserved. Because the Filter-Id attribute is non-orderable, the new attributes are merged to the list and the duplicates do not appear in the final list.

[Settings]LogLevel = 2ScriptTraceLevel = 0 [Script]// Initialization block
if (!this.initialized) { filter = new AttributeFilter(); initialized = true;}
 // Print out all Reply-Message attribute values.var attr = "";
for(var i = 0; attr != null; i++) { attr = filter.Get("Reply-Message", i); if (attr != null) { SbrWriteToLog("Reply-Message[" + i + "] = '" + attr + "'");}}
 // Add Reply-Message attribute values.filter.Add("Reply-Message", "Reply-Message 1");filter.Add("Reply-Message", "Reply-Message 2");filter.Add("Reply-Message", "Reply-Message 4");filter.Add("Reply-Message", "Reply-Message 5"); // Print out the new set of Reply-Message attribute values. Since Reply-Message// is orderable, the values are concatenated, not merged.attr = "";
for(var i = 0; attr != null; i++) { attr = filter.Get("Reply-Message", i); if (attr != null) { SbrWriteToLog("Reply-Message[" + i + "] = '" + attr + "'");}}
 // Print out all Filter-Id attribute values.attr = "";
for(var i = 0; attr != null; i++) { attr = filter.Get("Filter-Id", i); if (attr != null) { SbrWriteToLog("Filter-Id[" + i + "] = '" + attr + "'");}}
 // Add Filter-Id attribute values.filter.Add("Filter-Id", "Filter-Id 1");filter.Add("Filter-Id", "Filter-Id 2");filter.Add("Filter-Id", "Filter-Id 4");filter.Add("Filter-Id", "Filter-Id 5"); // Print out the new set of Filter-Id attribute values. Since Filter-Id // is not orderable, the values are merged, not concatenated.attr = "";
for(var i = 0; attr != null; i++) { attr = filter.Get("Filter-Id", i); if (attr != null) { SbrWriteToLog("Filter-Id[" + i + "] = '" + attr + "'");}} while (attr != null);
 // All done.return SCRIPT_RET_SUCCESS;

 

Modified: 2017-03-07