ml_add_user_auth_policy system procedure

Use this system procedure to add MobiLink user authentication policies.

Syntax

ml_add_user_auth_policy ( 
'policy_name', 
'primary_ldsrv_name', 
'secondary_ldsrv_name', 
'ldap_auto_failback_period'
'ldap_failover_to_std'
)

Parameters

Syntax	Description
policy_name	VARCHAR(128). A unique user authentication policy name.
primary_ldsrv_name	VARCHAR(128). Specifies the primary LDAP server name to be used to authenticate this user. The specified LDAP server name must already exist in the ml_ldap_server table.
secondary_ldsrv_name	VARCHAR(128). Specifies the secondary LDAP server name for failover purposes. The secondary LDAP server name must already exist in the ml_ldap_server table.
ldap_auto_failback_period	INTEGER. Use this parameter to inform the MobiLink server when it should failover to the primary LDAP server for user authentication. The time is specified in seconds and the default value is 900 seconds (15 minutes). When the primary LDAP server is not available for user authentication, the MobiLink server remembers when the problem was detected and switches to the secondary server for user authentication. The MobiLink server then switch back to use the primary server for user authentication for whatever users who are currently using this user authentication policy, when the elapsed time since the failure was detected has reached @ldap_auto_failback_period.
ldap_failover_to_std	INTEGER. Specifies whether or not the MobiLink server should use standard methods (password and user authentication scripts) to authenticate the user when neither the primary or secondary LDAP server is available. The value can be 1 (TRUE) or 0 (FALSE). The default is 1.

This procedure adds a user authentication policy to the ml_user_auth_policy table, if the specified policy_name does not exist in the table. If the policy_name is already in the table, executing this procedure with non-NULL parameters updates all the corresponding fields with the specified non-NULL parameters. For instance, the following SQL statement updates the user authentication policy policy_1 to use ldap_server2 as a secondary LDAP server and enables failover to use standard password and user authentication script based authentication, when both the primary and secondary LDAP servers are unavailable.

call ml_add_user_auth_policy( 'policy_1', NULL, 'ldap_server2', NULL, 1 )

To delete an authentication policy, all parameters except for policy_name should be NULL.

When adding a MobiLink user authentication policy, the parameter primary_ldsrv_name cannot be NULL but the secondary_ldsrv_name parameter can be NULL.