Extended attributes for CDSSO

CDSSO can handle extended attributes in two ways.

Two ways to handle extended attributes:

• The [cdsso-token-attributes] stanza of the WebSEAL configuration file is checked for configured stanza entries.
• The CDMF library is called (cdmf_get_usr_attributes) to obtain additional attributes.

Attributes from the CDMF library override any settings in the [cdcsso-token-attributes] stanza.

See the IBM Security Access Manager for Web: Web Security Developer Reference for information on writing a CDMF library.

This section describes the use of the [cdsso-token-attributes] stanza and contains the following topics: