Protected object policies
Protected object policies, or POPs, are policies that contain extra conditions on the requests that are sent to the ISAM and WebSEAL along with the yes ACL policy decision from the authorization service. ISAM and the resource manager enforce the POP conditions. The following tables list the available attributes for a POP:
Enforced by ISAM POP Attribute Description Name Name of the policy. This attribute becomes the <pop-name> argument in the pdadmin pop commands. Description Descriptive text for the policy. This attribute appears in the pop show command. Warning Mode Provides administrators a means to test ACL and POP policies. Audit Level Type of auditing: all, none, successful access, denied access, errors. Time-of-Day Access Day and time restrictions for successful access to the protected object.
Enforced by Resource Manager (WebSEAL) POP Attribute Description Quality of Protection Degree of data protection: none, integrity, privacy. IP Endpoint Authentication Method Policy Authentication requirements for access from members of external networks. Document Cache Control Caching instructions for the handling of specific documents. Parent topic: Security concepts for a WebSEAL deployment