Hierarchy
⤷ BC-SEC-LGN (Application Component) Authentication and SSO
⤷ SUSR_KRN (Package) User Administration Tables Used Kernel-Side
Basic Data
Data Element | CERT_FILTER |
Short Description | Subject Filter |
Data Type
Category of Dictionary Type | Direct Type Entry | |
Type of Object Referenced | No Information | |
Domain / Name of Reference Type | ||
Data Type | STRG | Character String of Variable Length |
Length | 0 | |
Decimal Places | 0 | |
Output Length | 0 | |
Value Table |
Further Characteristics
Search Help: Name | ||
Search Help: Parameters | ||
Parameter ID | ||
Default Component name | ||
Change document | ||
No Input History | ||
Basic direction is set to LTR | ||
No BIDI Filtering |
Field Label
Length | Field Label | |
Short | 10 | Filter |
Medium | 15 | Subject Filter |
Long | 20 | Subject Filter |
Heading | 20 | Subject Filter |
Documentation
Definition
The subject filter is used together with the issuer filter to check whether a rule can be used for a certificate. To do this, the system evaluates the attributes and the associated values of the subject filter and their position in reverse order. A rule with the subject filter "C=DE, O=SAP" can, for example, expect that the attribute C=DE is in the penultimate position and the attribute O=SAP is in the last position for the certificate subject. If this is not the case, the rule cannot be used.
Example
We have a filter with the following values: "C=DE, O=SAP" (The rule expects the attribute C=DE in the penultimate position and the attribute O=SAP in the last position)
· Subject 1: "CN=CA, C=DE, O=SAP"
The rule applies because the attributes C and O are in the expected positions.
· Subject 2: "CN=CA, O=SAP, C=DE"
The rule does not apply, since the attribute O is in the penultimate position instead of the last position, and the attribute C is in the last position instead of the penultimate position.
History
Last changed by/on | SAP | 20110908 |
SAP Release Created in | 711 |