This Document will demonstrate how to set up a WebService variable and how to use it in a authorization response.

• We will set up a local webservice in the IIS Web Server ? test it
  
  
• We will set up the WebService variable
  
  
• We will create realm, policy for all users
  
  
• We will set up the response
  
  
• We will test it by using the Test tool
  
  
• We use a pre-installed policy server R12SP2 with users configured in LDAP

Using IIS and deploy the Web Service

Open IIS manager

Start / Program / Administrative Tools / IIS Manager

Check Web Service Extention

<Please see attached file for image>

Deploy Web Service

Create directory webservice under C:\intepub\wwwroot\webservice (Web Server Root)

Copy the file echoback.asp

<%@ language=JScript%>
<%      
var xmlDoc = Server.CreateObject("Msxml2.DOMDocument");    
xmlDoc.async = false; 
xmlDoc.resolveExternals = false;
xmlDoc.preserveWhiteSpace = true;
xmlDoc.load(Request);
iParseErr = xmlDoc.parseError;
if (iParseErr == 0){
      Response.write(xmlDoc.xml);
}
else
{
      Response.write("<br>Error Code: ")
      Response.write(xmlDoc.parseError.errorCode)
      Response.write("<br>Error Reason: ")
      Response.write(xmlDoc.parseError.reason)
      Response.write("<br>Error Line: ")
      Response.write(xmlDoc.parseError.line)
      Response.write("<br>Error String: ")
      Response.Write(xmlDoc.parseError.srcText)
}
%>

Test the Web Service:

<Please see attached file for image>

Using the FSS UI create the WebService variable

Open the FSS AdminUi

Go to the Domain tab, Protected Domain, Right click on WebService Variables

<Please see attached file for image>

Create Variable

<Please see attached file for image>

Fill the following

Name
WSVAR

Retturn Type
String

General tab

URL
http://ulod8614.ca.com/WebService/echoback.asp

Return Query

/soap:Envelope/soap:Body/soap:GetEchoResponse/soap:GetEchoResult/text()

<Please see attached file for image>

SOAP Document Tab

SOAP Body
<soap:GetEchoResponse xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">

<soap:GetEchoResult xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">$userid$</soap:GetEchoResult>   

</soap:GetEchoResponse>

<Please see attached file for image>

Apply

Using the FSS UI add the WebService variable to a response

Go to Domain tab, Protected Domain, Right click on Responses

Fill the following

Name

My Response

Attribute list

Create

Attribute
WebAgent-HTTP-Header-Variable

Variable Name
WSVAR

Variable Value
WSVAR

<Please see attached file for image>

Associate the response to a rule

Go to policy, all, Rule tab, click on set Response...

<Please see attached file for image>

Select My Response

<Please see attached file for image>

Apply/Ok

Apply/Ok

Test the WebService using the Test Tool

Open the test tool

Start / Program / CA / SiteMinder/ SiteMinder Test tool

<Please see attached file for image>

Fill the following

SiteMinder Agent

Version 4

Agent name
4x

Secret
Firewall

Server
ulod8614.ca.com

Resource Information

Resource
/protected/toto

Action
Get

User Information

Username
User1

Password
firewall

Click Connect

<Please see attached file for image>

Click IsProtected

<Please see attached file for image>

Click IsAuthenticated

<Please see attached file for image>

Click IsAuthorized

<Please see attached file for image>

That's all folks