Adding targets to a policy
Add targets to identify the requests to which the policy applies its fine-grained authorization logic. If no targets are attached to a policy, the policy applies to all requests. To make a policy only apply for all requests to a certain database, for example, add the database domain as a target.
Steps
-
Go to the policy where you want to add targets.
-
Click the next to Applies to.
-
In the left pane, click Components.
The list of components includes the items you created in the Trust Framework. Drag the appropriate domains, services, identity classes, and actions from the components to the Applies to target section on the policy.
For example, to target Mobile Banking requests, drag that domain in. To target all banking groups, add the Banking Channels domain, which is the parent of the Online Banking domain as well as the Mobile Banking domain. Because the top level is also a target, this step adds a total of three targets.
-
Click Save changes.
Example
The following example features three domains because the Banking Channels definition is the parent of the other definitions. Logically, applying an OR operation within the definition type selects one of the channels.
The following graph shows how the server evaluates the group of targets.