SDK Custom AssertionGeneratorPlugin implementation questions
Article ID: 276728
Updated On:
Products
Issue/Introduction
How to implement an SDK Custom AssertionGeneratorPlugin?
Environment
Policy Server 12.8SP7 on RedHat 7
SDK 12.8SP7 on RedHat 7
Resolution
The documentation precises the steps and aspect of deployment of a Custom Assertion Generator Plugin (1)(2)(3).
The documentation provides also the Java SDK API details in the javadoc-sdk.zip (4).
Here's the steps about how to set the sample in order for the Policy Server to apply it and not ignore it (on a Linux box):
# export PATH=${PATH}:/{path_to_jdk}/bin/ # cd /{path_to_sdk}/samples/assertiongeneratorplugin/ # ./java-build.sh # jar -cf AssertionGenerator.jar com/netegrity/assertiongenerator/*.class # cp -p AssertionGenerator.jar /opt/CA/siteminder/bin/thirdparty/ # ls -l /{home_policy_server}/bin/thirdparty/AssertionGenerator.jar # chmod 775 /{home_policy_server}/bin/thirdparty/AssertionGenerator.jar # source /{home_policy_server}/ca_ps_env.ksh # /{home_policy_server}/stop-ps # /{home_policy_server}/start-ps
In JVMOptions.txt, change the following:
From :
-Djava.class.path=/{home_policy_server}/resources:/{home_policy_server}/config/properties:/{home_policy_server}/bin/jars/smbootstrap.jar:/{home_policy_server}/bin/thirdparty/log4j-api-2.12.1.jar:/{home_policy_server}/bin/thirdparty/log4j-core-2.12.1.jar:/{home_policy_server}/bin/thirdparty/log4j-slf4j-impl-2.12.1.jar
To :
-Djava.class.path=/{home_policy_server}/resources:/{home_policy_server}/config/properties:/{home_policy_server}/bin/jars/smbootstrap.jar:/{home_policy_server}/bin/thirdparty/log4j-api-2.12.1.jar:/{home_policy_server}/bin/thirdparty/log4j-core-2.12.1.jar:/{home_policy_server}/bin/thirdparty/log4j-slf4j-impl-2.12.1.jar:/{home_policy_server}/bin/thirdparty/AssertionGenerator.jar
Assertion Configuration:
Plug-in Class: com.netegrity.assertiongenerator.AssertionSample Plug-in Parameters: <the parameter your custom code needs>
Remember that custom code falls under your responsibility (5).
Additional Information
- Interaction between the Policy Server and an Assertion Generator
https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/siteminder/12-8/programming/sdks/programming-in-java/authentication-api-and-authorization-api-in-java/use-the-authorization-api.html - Deploy an Assertion Generator Plug-in
https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/siteminder/12-8/configuring/partnership-federation/assertion-configuration-at-the-asserting-party/customize-assertion-content.html - Customizing a SAML Assertion
https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/siteminder/12-8/programming/federation-programming/federation-java-sdk/using-the-federation-java-sdk.html#concept.dita_ef99784186a03888687b3317fc84c2612dee5829_CustomizingaSAMLAssertion - Java SDK API Reference
https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/siteminder/12-8/programming/sdks/programming-in-java.html - Support for Custom Code
https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/siteminder/12-8/programming/sdks.html
Feedback
