How to set up and use a WebService variable in Policy Server R12?

book

Article ID: 51388

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) AXIOMATICS POLICY SERVER CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction

This Document will demonstrate how to set up a WebService variable and how to use it in a authorization response.

  • We will set up a local webservice in the IIS Web Server ? test it

  • We will set up the WebService variable

  • We will create realm, policy for all users

  • We will set up the response

  • We will test it by using the Test tool

  • We use a pre-installed policy server R12SP2 with users configured in LDAP

Using IIS and deploy the Web Service

Open IIS manager

Start / Program / Administrative Tools / IIS Manager

Check Web Service Extention

<Please see attached file for image>

Figure 1

Deploy Web Service

Create directory webservice under C:\intepub\wwwroot\webservice (Web Server Root)

Copy the file echoback.asp

<%@ language=JScript%>
<%      
var xmlDoc = Server.CreateObject("Msxml2.DOMDocument");    
xmlDoc.async = false; 
xmlDoc.resolveExternals = false;
xmlDoc.preserveWhiteSpace = true;
xmlDoc.load(Request);
iParseErr = xmlDoc.parseError;
if (iParseErr == 0){
      Response.write(xmlDoc.xml);
}
else
{
      Response.write("<br>Error Code: ")
      Response.write(xmlDoc.parseError.errorCode)
      Response.write("<br>Error Reason: ")
      Response.write(xmlDoc.parseError.reason)
      Response.write("<br>Error Line: ")
      Response.write(xmlDoc.parseError.line)
      Response.write("<br>Error String: ")
      Response.Write(xmlDoc.parseError.srcText)
}
%>

Test the Web Service:

<Please see attached file for image>

Figure 2

Using the FSS UI create the WebService variable

Open the FSS AdminUi

Go to the Domain tab, Protected Domain, Right click on WebService Variables

<Please see attached file for image>

Figure 3

Create Variable

<Please see attached file for image>

Figure 4

Fill the following

Name
WSVAR

Retturn Type
String

General tab

URL
http://ulod8614.ca.com/WebService/echoback.asp

Return Query

/soap:Envelope/soap:Body/soap:GetEchoResponse/soap:GetEchoResult/text()

<Please see attached file for image>

Figure 5

SOAP Document Tab

SOAP Body
<soap:GetEchoResponse xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:GetEchoResult xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">$userid$</soap:GetEchoResult>   
</soap:GetEchoResponse>

<Please see attached file for image>

Figure 6

Apply

Using the FSS UI add the WebService variable to a response

Go to Domain tab, Protected Domain, Right click on Responses

Fill the following

Name

My Response

Attribute list

Create

Attribute
WebAgent-HTTP-Header-Variable

Variable Name
WSVAR

Variable Value
WSVAR

<Please see attached file for image>

Figure 7

Associate the response to a rule

Go to policy, all, Rule tab, click on set Response...

<Please see attached file for image>

Figure 8

Select My Response

<Please see attached file for image>

Figure 9

Apply/Ok

Apply/Ok

Test the WebService using the Test Tool

Open the test tool

Start / Program / CA / SiteMinder/ SiteMinder Test tool

<Please see attached file for image>

Figure 10

Fill the following

SiteMinder Agent

Version 4

Agent name
4x

Secret
Firewall

Server
ulod8614.ca.com

Resource Information

Resource
/protected/toto

Action
Get

User Information

Username
User1

Password
firewall

Click Connect

<Please see attached file for image>

Figure 11

Click IsProtected

<Please see attached file for image>

Figure 12

Click IsAuthenticated

<Please see attached file for image>

Figure 13

Click IsAuthorized

<Please see attached file for image>

Figure 14

That's all folks

Environment

Release:
Component: SMPLC

Attachments

1558711557388000051388_sktwi1f5rjvs16sb0.gif get_app
1558711555518000051388_sktwi1f5rjvs16saz.gif get_app
1558711553779000051388_sktwi1f5rjvs16say.gif get_app
1558711552049000051388_sktwi1f5rjvs16sax.gif get_app
1558711547792000051388_sktwi1f5rjvs16saw.gif get_app
1558711545290000051388_sktwi1f5rjvs16sav.gif get_app
1558711543090000051388_sktwi1f5rjvs16sau.gif get_app
1558711541009000051388_sktwi1f5rjvs16sat.gif get_app
1558711538241000051388_sktwi1f5rjvs16sas.gif get_app
1558711535972000051388_sktwi1f5rjvs16sar.gif get_app
1558711534084000051388_sktwi1f5rjvs16saq.gif get_app
1558711532045000051388_sktwi1f5rjvs16sap.gif get_app
1558711530094000051388_sktwi1f5rjvs16sao.gif get_app
1558711528116000051388_sktwi1f5rjvs16san.gif get_app