Skip to main content

Security rules example: Access to stream by user attributes

In this example, you create access rights to a specific stream by using the user attributes that are retrieved from ticket authentication or session and SAML attributes.

To enable using the user attributes you must first add the ticket via the proxy API.
 

Procedure

  1. Select Security rules and click Create new Create new.

  2. The resource filter for the rule should be set to filter on a specific stream.

    In the Advanced section, fill in the Resource filter field with text as per Security rule code.

  3. You now need to set the conditions to specify the users that the rule applies to.

    In the Advanced section, fill in the Conditions field with text as per Security rule code.

  4. Set the actions that the rule should provide.

    In the Basic section, select Actions as per Security rule code.

  5. Type a name for the security rule in the Name field.

  6. Click Apply.

You have now created access to a specific stream based on ticket authentication user attributes.

Security rule code

The following is the security rule code for this example, with explanatory comments.

Security rule code fields
Field Code Comments
Resource filter Stream_<GUID>

Specifically filters on the stream with a specific GUID.

Conditions resource.resourcetype="Stream" and (user.environment.<Attribute1>="<Value1a>")

resource.resourcetype="Stream"

The rule applies to streams.

(user.environment.<Attribute1>="<Value1a>")

The rule applies to the users where the attribute equals the value.

Actions read

Read actions will be granted provided that the conditions are met.