The <actions> that are
performed when <conditions> of
the enclosing <rule> are met. All
individual actions are represented by an element of
the form <do-*>.
Most actions take arguments that further describe
the action to be taken. Arguments that take a fixed
string that will never change at run-time are
represented by attributes on the action element.
Arguments that can be re-evaluated at run-time are
represented by child elements of the form
<arg-*>. The content of most (exceptions
noted on the documentation for the individual
arguments) of these arguments consists of a set of
tokens represented by elements of the form
<token-*>. The individual tokens are expanded
at run-time based on the rule evaluation context
and the results of the expansion of are
concatenated together to form the actual argument.
NOTE:
For the tokens that support regular expression, Identity Manager evaluates the following special characters in the regular expression context:
\ $ ^.? * + [ ] ( ) |
To use these characters as literals in a regular expression, escape the character with a backslash (“\”).
Example
See <policy>.