Fact

• PhenixID Identity Manager 5.0.0 or later
• Filter: Tab Restriction filter LDAPQueryTabRestrictionFilter.class

Situation

This document will describe how to use the tab restriction filter LDAPQueryTabRestrictionFilter.class, found in this file: PSD1093

Normally, a restriction filter acts upon the object that is to be opened, to verify if the tab is allowed to open. But this restriction filter will instead act upon the logged in user, to verify if he/she is allowed to open the tab.

The tab restriction filter runs an LDAP query for the logged in user. If the user matches the LDAP query the filter will allow the tab to be shown.

Solution

Filter file

Put the filter file in /customer/extension/class/psd for IM Web.

Put the filter file in /ext/class/psd for IM Configurator.

Restriction filter

Add the filter as a restriction filter to the tab by editing the tab properties.

Example:

 <RestrictedFilter>[JAVA]psd.LDAPQueryTabRestrictionFilter</RestrictedFilter>

Tab attribute

Add a string attribute to the tab with the name LDAPQueryTabRestrictionFilter. Put the LDAP query in the title of the attribute. Mark the attribute as a hidden variable.

Example 1

The tab is only allowed to open if you are a manager. Use the following LDAP query:

title=Manager