API Gateway: Updating siteMinderConfigurations with security zone ID via RESTMAN

book

Article ID: 197800

calendar_today

Updated On:

Products

CA API Gateway API SECURITY CA API Gateway Precision API Monitoring Module for API Gateway (Layer 7) CA API Gateway Enterprise Service Manager (Layer 7) STARTER PACK-7 CA Microgateway

Issue/Introduction

How do you update the siteMinderConfigurations (with security zone ID) to add additional policy server information using RESTMAN?

Cause

The register option in Manage CA Single Sign-On Configurations allows adding the policy server details on the Gateway side. In SiteMinder terms, this is called registering the host with the SiteMinder policy server. There may be a requirement to add more policy server information as failover options (like you add it in SmHost.conf file).

Environment

Release : 9.4 and above

Component : API GATEWAY

Resolution

These instructions are tested with the SoapUI tool but you may use any tool that supports REST API calls. The RESTMAN service must be configured in Gateway for this to work.

  • Use GET request to get the current siteMinderConfigurations from the Gateway (https://hostname.fqdn:8443/restman/1.0/siteMinderConfigurations/e7710575a1811ffc7166e9c1ac43782b)
  • Save the output from the GET request in a file and modify the details as needed to add additional policy server(s)
  • Keep only the data between <l7:SiteMinderConfiguration>...</l7:SiteMinderConfiguration> tags and remove everything else. The data between <l7:SiteMinderConfiguration>...</l7:SiteMinderConfiguration> tags is the only data needed to send for updating the configuration
  • Make sure to modify the first line and add xmlns:l7="http://ns.l7tech.com/2010/04/gateway-management" and remove the version setting
  • Add the required policy server information and use PUT command to update the configuration

 

Sample files from this test are attached as get.xml and put.xml that you can use for reference.

Additional Information

  • Refer to "Cluster Settings" in the document for proper key tags https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-api-management/api-gateway/10-0/security-configuration-in-policy-manager/tasks-menu-security-options/manage-ca-single-sign-on-configurations/ca-single-sign-on-configuration-properties.html

Attachments

1598020935831__put.xml get_app
1598020925248__get.xml get_app