Layer7 Access Management


SiteMinder Test Tool and Policy Server R12.52 SP0 CR1 Build154

  • 1.  SiteMinder Test Tool and Policy Server R12.52 SP0 CR1 Build154

    Posted 03-12-2015 10:32 AM

    Just curious if people have used the test tool with this build of the policy server.



  • 2.  Re: SiteMinder Test Tool and Policy Server R12.52 SP0 CR1 Build154

    Posted 03-12-2015 10:44 AM

    Additionally, I'd be curious to know if you had success with 4.x, 5.x or RADIUS.



  • 3.  Re: SiteMinder Test Tool and Policy Server R12.52 SP0 CR1 Build154

    Posted 03-20-2015 12:44 AM

    I have tested with latest release Version: 12.52; Update: 01.01; Build: 640; CR: 01;

    The SM Test Tool is still the version 6.0 when you click "about". So this is the same.



  • 4.  Re: SiteMinder Test Tool and Policy Server R12.52 SP0 CR1 Build154

    Posted 03-20-2015 07:46 AM

    Kent,

     

    so i know, why did you choose to tell me the version of the tool?

    i am asking because there is obviously a disconnect on what i am asking for and what i received as an answer. i would like to correct that.

     

    -josh



  • 5.  Re: SiteMinder Test Tool and Policy Server R12.52 SP0 CR1 Build154

    Posted 03-20-2015 11:51 AM

    I should note that, after posting this, I found that compiling the pure Java sample in the SDK with the following code allowed the isolation testing to be done.

    Please note that the changes in lines 62-76, 119, 132 and 133 are the only changes from the default sample code. CA representatives told me that this would allow for isolation testing. They also mentioned that they can't officially support SDK creations, but that if there are problems with this in the future they would work with me to determine which changes are causing them.

     

    /*
    ** Copyright (c) 2009 CA.  All rights reserved.
    ** This software may not be duplicated, disclosed or reproduced in whole or
    ** in part for any purpose except as authorized by the applicable license agreement,
    ** without the express written authorization of CA. All authorized reproductions
    ** must be marked with this language.
    **
    ** TO THE EXTENT PERMITTED BY APPLICABLE LAW, CA PROVIDES THIS
    ** SOFTWARE “AS IS” WITHOUT WARRANTY OF ANY KIND, INCLUDING
    ** WITHOUT LIMITATION, ANY IMPLIED WARRANTIES OF MERCHANTABILITY,
    ** FITNESS FOR A PARTICULAR PURPOSE OR NONINFRINGEMENT.  IN NO EVENT
    ** WILL CA BE LIABLE TO THE END USER OR ANY THIRD PARTY FOR ANY LOSS
    ** OR DAMAGE, DIRECT OR INDIRECT, FROM THE USE OF THIS MATERIAL,
    ** INCLUDING WITHOUT LIMITATION, LOST PROFITS, BUSINESS
    ** INTERRUPTION, GOODWILL, OR LOST DATA, EVEN IF CA IS EXPRESSLY
    ** ADVISED OF SUCH LOSS OR DAMAGE.
    */
    
    
    /*
    *
    *              SiteMinder Agent API Sample.
    *
    * Usage: java JavaTestClient [-l]
    *
    *        -l    Logs the output to a file
    *
    * (see the classpath options in the supplied
    * java-run.bat and java-run.sh scripts)
    */
    
    
    
    
    import java.io.*;
    import java.net.*;
    import java.util.*;
    import netegrity.siteminder.javaagent.*;
    
    
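    /**
     * Interactive SiteMinder Agent API test client, adapted from the SDK sample.
     *
     * The client prompts for a user name and password, connects to the Policy
     * Server described in the smjsdksample resource bundle through either the
     * 4.x or the 5.x agent interface, and then runs isProtected, login,
     * authorize, updateAttributes and the SSO token create/decode calls,
     * printing each return code. With "-l" the same output is also written to
     * the file named by LOGFILE_NAME.
     *
     * Security notes for operators:
     *  - The password is read without echo when a console is attached; when
     *    stdin is redirected it is read as an ordinary line.
     *  - The agent shared secret is never printed; a fixed mask is shown.
     *  - Session specs and SSO tokens ARE printed in full because inspecting
     *    them is the point of the tool. Treat the terminal scroll-back and the
     *    "-l" log file as sensitive and remove the log after testing.
     */
    public class JavaTestClient
    {
        // Logging
        private static PrintWriter logWriter    = null;
        private static final String CRLF        = System.getProperty("line.separator");
        private static final String OS_NAME     = System.getProperty("os.name");

        // Printed in place of secret values so they never reach stdout or the log file
        private static final String REDACTED    = "********";

        // The only reader over System.in. Wrapping System.in in a second Scanner
        // can lose input, because each Scanner buffers ahead of what it returns.
        private static final Scanner STDIN      = new Scanner(System.in);

        // Resource bundle (smjsdksample.properties)
        private static ResourceBundle bundle    = null;
        private static final String BUNDLE_NAME = "smjsdksample";

        private String clientIPAddr             = null;
        private static String USER_NAME         = null;
        // NOTE(review): kept as a String for the life of the process because
        // UserCredentials is constructed from two Strings below.
        private static String USER_PWD          = null;
        private static String SECTION_SEP       = "";


        static
        {
            // Initialize resource bundle
            try
            {
                bundle = ResourceBundle.getBundle(BUNDLE_NAME);
                SECTION_SEP = bundle.getString("SECTION_SEPARATOR");

                // Interactive credentials (added by Josh Perlmutter). The stock
                // sample read USER_NAME and USER_PWD from the properties file,
                // which left a password in clear text on disk.
                System.out.println("\nWelcome to the Java Policy Server Tester\n");
                System.out.println("------------------------------------------\n");
                System.out.println("Who would you like to login as?\n");
                USER_NAME = readInputLine();
                System.out.println("What is the current password?\n");
                USER_PWD = readSecretLine();
            }
            catch (MissingResourceException mre)
            {
                LogFatal("Failed to load the resource bundle (missing resources) " + BUNDLE_NAME);
            }
            catch (ClassCastException cce)
            {
                LogFatal("Failed to load the resource bundle " + BUNDLE_NAME);
            }
            catch (NullPointerException npe)
            {
                LogFatal("Failed to load the resource bundle.");
            }
        }


        // main entry point
        public static void main(String[] args)
        {
            JavaTestClient testclient = new JavaTestClient();

            // Parse command line arguments
            for (int i = 0; i < args.length; ++i)
            {
                // '-l' enables logging to a file
                if ((args[i].trim()).equalsIgnoreCase("-l"))
                {
                    try
                    {
                        String logFile = bundle.getString("LOGFILE_NAME");
                        logWriter = new PrintWriter(new BufferedWriter(new FileWriter(logFile)));
                    }
                    catch (IOException ioe)
                    {
                        LogException(ioe);
                        logWriter = null;   // no logging
                    }

                    break;
                }
            }

            System.out.println("------------------------------------------\n");
            System.out.println("Do you want to connect through:\n");
            System.out.println("(1) 4.x Agent Interface\n");
            System.out.println("(2) 5.x Agent Interface(smreghost utility must be run before it)\n");
            System.out.println("------------------------------------------\n");
            System.out.println("Enter the Agent type(1/2) to connect: ");

            // Read the choice through the same input path as the credentials and
            // reject anything that is not a number instead of crashing.
            int input = 0;
            try
            {
                input = Integer.parseInt(readInputLine().trim());
            }
            catch (NumberFormatException nfe)
            {
                LogFatal("Agent type must be 1 or 2.");
            }

            Log(CRLF + CRLF + bundle.getString("AGENTAPI_HEADER") + CRLF);
            Log(CRLF + CRLF + bundle.getString("AGENTAPI_INIT") + CRLF);

            String agentIP = bundle.getString("AGENT_IP");
            // The stock sample built the name from OBJNAME_PREFIX + "agent";
            // this version takes it directly from the properties file.
            String agentName = bundle.getString("AGENT_NAME");
            String agentSecret = bundle.getString("AGENT_SECRET");
            testclient.clientIPAddr = agentIP;

            AgentAPI agentapi               = new AgentAPI();
            ServerDef serverdef             = new ServerDef();
            serverdef.serverIpAddress       = bundle.getString("PS_IP");
            serverdef.connectionMin         = Integer.parseInt(bundle.getString("PS_CONMIN"));
            serverdef.connectionMax         = Integer.parseInt(bundle.getString("PS_CONMAX"));
            serverdef.connectionStep        = Integer.parseInt(bundle.getString("PS_CONSTEP"));
            serverdef.timeout               = Integer.parseInt(bundle.getString("PS_TIMEOUT"));
            serverdef.authenticationPort    = Integer.parseInt(bundle.getString("PS_AUPORT"));
            serverdef.authorizationPort     = Integer.parseInt(bundle.getString("PS_AZPORT"));
            serverdef.accountingPort        = Integer.parseInt(bundle.getString("PS_ACPORT"));
            InitDef initdef = null;

            switch (input)
            {
                case 1:
                    // 4.x interface: the agent authenticates with its shared secret
                    initdef = new InitDef(agentName,
                                          agentSecret,
                                          false,
                                          serverdef);

                    Log(CRLF + bundle.getString("AGENTAPI_PS_IP") + serverdef.serverIpAddress);
                    Log(CRLF + bundle.getString("AGENTAPI_AGENT_IP") + agentIP);
                    Log(CRLF + bundle.getString("AGENTAPI_AGENT_NAME") + agentName);
                    // The shared secret itself must not reach stdout or the log file
                    Log(CRLF + bundle.getString("AGENTAPI_AGENT_SECRET") + REDACTED);
                    break;

                case 2:
                    // 5.x interface: connection settings come from the host
                    // configuration file written by smreghost
                    initdef = new InitDef();
                    Log(CRLF + bundle.getString("AGENTAPI_AGENT_NAME") + agentName);
                    String smHostFilePath = bundle.getString("HOSTCONFPATH") + bundle.getString("HOSTCONFIGFILE");
                    int configStatus = agentapi.getConfig(initdef, agentName, smHostFilePath);
                    if (configStatus == AgentAPI.FAILURE)
                    {
                        LogFatal("GetConfig method returned error. Check agentName & SmHost.conf file path is correct");
                    }
                    break;

                default:
                    // Without this branch initdef stayed null and was passed to init()
                    LogFatal("Unsupported agent type " + input + "; enter 1 or 2.");
                    break;
            }

            int retcode = agentapi.init(initdef);

            if (retcode != AgentAPI.SUCCESS)
            {
                LogFatal(bundle.getString("FAILED_CONNECT"));
            }

            Log(CRLF + SECTION_SEP + CRLF);
            Log(CRLF + CRLF + bundle.getString("AGENTAPI_AGENTINSINFO") + CRLF);

            AgentInstanceDef agentInstanceDef = new AgentInstanceDef("SampleSDK",
                                                                     "R12.5",
                                                                     "SDK Agent",
                                                                     OS_NAME,
                                                                     bundle.getString("AGENTGUID_FILE"),
                                                                     "ACO-SampleSDK",
                                                                     "HCO-SampleSDK",
                                                                     "COMPAT");

            retcode = agentapi.setAgentInstanceInfo(agentInstanceDef);
            Log(CRLF + bundle.getString("AGENTAPI_AGENT_INS_INFO") + retcode + testclient.getRetCodeString(retcode));

            Log(CRLF + SECTION_SEP + CRLF);
            Log(CRLF + CRLF + bundle.getString("AGENTAPI_DOMANAGEMENT") + CRLF);

            ManagementContextDef mgtCtxDef = new ManagementContextDef(ManagementContextDef.MANAGEMENT_GET_AGENT_COMMANDS, "");

            AttributeList attrList = new AttributeList();
            retcode = agentapi.doManagement(mgtCtxDef, attrList);
            Log(CRLF + bundle.getString("AGENTAPI_AGENT_CMDS") + retcode + testclient.getRetCodeString(retcode));

            Log(CRLF + SECTION_SEP + CRLF);
            Log(CRLF + CRLF + bundle.getString("AGENTAPI_ISPROTECTED") + CRLF);

            String resource = bundle.getString("RESOURCE_NAME");
            ResourceContextDef resctxdef = new ResourceContextDef(agentName, "", resource, "GET");
            RealmDef realmdef = new RealmDef();

            Log(CRLF + bundle.getString("AGENTAPI_RESOURCE") + resource);
            Log(CRLF + bundle.getString("AGENTAPI_ACTION") + "GET");

            // The realmdef object will contain the realm handle for the resource
            // if the resource is protected.
            retcode = agentapi.isProtected(agentIP,
                                           resctxdef,
                                           realmdef);

            Log(CRLF + bundle.getString("AGENTAPI_ISPROT_RET") + retcode);

            if (retcode != AgentAPI.YES)
            {
                if (retcode == AgentAPI.NO)
                {
                    Log(" " + bundle.getString("AGENTAPI_ISPROT_NO"));
                }

                // cleanup() ends the process, so nothing below runs for an
                // unprotected resource
                testclient.cleanup(agentapi, null);
            }
            else
            {
                Log(" " + bundle.getString("AGENTAPI_ISPROT_YES"));
            }

            Log(CRLF + bundle.getString("AGENTAPI_REALM_NAME") + realmdef.name);
            Log(CRLF + bundle.getString("AGENTAPI_REALM_OID") + realmdef.oid);

            Log(CRLF + SECTION_SEP + CRLF);
            Log(CRLF + CRLF + bundle.getString("AGENTAPI_AUTHENTICATE") + CRLF);

            UserCredentials usercreds = new UserCredentials(USER_NAME, USER_PWD);
            SessionDef sessionDef = new SessionDef();
            attrList = new AttributeList();

            retcode = agentapi.login(agentIP,
                                     resctxdef,
                                     realmdef,
                                     usercreds,
                                     sessionDef,
                                     attrList);

            Log(CRLF + bundle.getString("AGENTAPI_LOGIN") + retcode + testclient.getRetCodeString(retcode));

            if (retcode != AgentAPI.YES)
            {
                // Failed login: log out, uninitialize and exit
                testclient.cleanup(agentapi, sessionDef);
            }

            // NOTE(review): the session id and spec are printed in full here and
            // again after authorize(); with -l they also land in the log file.
            Log(CRLF + bundle.getString("AGENTAPI_SESSION_ID") + sessionDef.id);
            Log(CRLF + bundle.getString("AGENTAPI_SESSION_SPEC") + sessionDef.spec);
            Log(CRLF + bundle.getString("AGENTAPI_ATTRIBUTES"));
            testclient.displayAttributes(attrList);

            Log(CRLF + SECTION_SEP + CRLF);
            Log(CRLF + CRLF + bundle.getString("AGENTAPI_ISAUTHORIZED") + CRLF);
            String transID = "TranCode1";

            retcode = agentapi.authorize("",
                                         transID,
                                         resctxdef,
                                         realmdef,
                                         sessionDef,
                                         attrList);

            Log(CRLF + bundle.getString("AGENTAPI_ISAUTHOR_RET") + retcode + testclient.getRetCodeString(retcode));

            Log(CRLF + bundle.getString("AGENTAPI_SESSION_ID") + sessionDef.id);
            Log(CRLF + bundle.getString("AGENTAPI_SESSION_SPEC") + sessionDef.spec);
            Log(CRLF + bundle.getString("AGENTAPI_ATTRIBUTES"));
            testclient.displayAttributes(attrList);

            // getBytes() with no argument encodes with the platform default charset
            byte[] bval = "String value".getBytes();
            AttributeList respAttrList = new AttributeList();
            respAttrList.addAttribute(1, 2, 3, "String oid" , bval);
            respAttrList.addAttribute(7, 8, 9, "String oid" , bval);

            retcode = agentapi.updateAttributes(agentIP,
                                                "Transaction Id",
                                                resctxdef,
                                                realmdef,
                                                sessionDef,
                                                attrList,
                                                respAttrList);

            Log(CRLF + bundle.getString("AGENTAPI_ATTRS_UPDATE"));
            testclient.displayAttributes(respAttrList);

            Log(CRLF + SECTION_SEP + CRLF);
            Log(CRLF + CRLF + bundle.getString("AGENTAPI_SSO_TOKEN") + CRLF);

            // login again to get the attributes
            retcode = agentapi.login(agentIP,
                                     resctxdef,
                                     realmdef,
                                     usercreds,
                                     sessionDef,
                                     attrList);

            // Pick the user DN out of the login response; stays {0} if absent
            Enumeration attrListEnum = attrList.attributes();
            byte[] bDNval = {0};

            while (attrListEnum.hasMoreElements())
            {
                Attribute attr = (Attribute) attrListEnum.nextElement();

                if (attr.id == agentapi.ATTR_USERDN)
                {
                    bDNval = attr.value;
                }
            }

            // create attribute list for creating an SSO token
            AttributeList ssoAttrs = new AttributeList();

            // add the username attribute to the list
            byte[] bUNval = USER_NAME.getBytes();
            ssoAttrs.addAttribute(agentapi.ATTR_USERNAME, 0, 0, "" , bUNval);

            // add the user dn attribute to the list
            ssoAttrs.addAttribute(agentapi.ATTR_USERDN, 0, 0, "" , bDNval);

            // add the IP address attribute to the list
            byte[] bIPval = agentIP.getBytes();
            ssoAttrs.addAttribute(agentapi.ATTR_CLIENTIP, 0, 0, "" , bIPval);

            // this object will receive the token
            StringBuffer ssoToken = new StringBuffer();

            retcode = agentapi.createSSOToken(sessionDef, ssoAttrs, ssoToken);

            Log(CRLF + bundle.getString("AGENTAPI_CREATE_TOKEN") + retcode + testclient.getRetCodeString(retcode));
            // NOTE(review): the SSO token is printed in full (and logged with -l).
            // decodeSSOToken below accepts the token string on its own, so anyone
            // who can read this output can present the token until it expires.
            Log(CRLF + bundle.getString("AGENTAPI_SESSION_TOKEN") + ssoToken.toString());

            // create attribute list to receive attributes from the SSO token
            AttributeList ssoRespAttrs = new AttributeList();
            TokenDescriptor tokendesc = new TokenDescriptor(0, false);

            // request that an updated token be produced
            boolean updateToken = true;

            // this object will receive the updated token
            StringBuffer updatedSSOToken = new StringBuffer();

            retcode = agentapi.decodeSSOToken(ssoToken.toString(),
                                              tokendesc,
                                              ssoRespAttrs,
                                              updateToken,
                                              updatedSSOToken);

            Log(CRLF + bundle.getString("AGENTAPI_DECODE_TOKEN") + retcode + testclient.getRetCodeString(retcode));

            if (retcode == AgentAPI.SUCCESS)
            {
                Log(CRLF + bundle.getString("AGENTAPI_TOKEN_VERSION") + tokendesc.ver);
                Log(CRLF + bundle.getString("AGENTAPI_TOKEN_3PARTY") + tokendesc.bThirdParty);
                Log(CRLF + bundle.getString("AGENTAPI_TOKEN_ATTRS"));
                testclient.displayAttributes(ssoRespAttrs);

                // update the token (second decode of the original token)
                retcode = agentapi.decodeSSOToken(ssoToken.toString(),
                                                  tokendesc,
                                                  ssoRespAttrs,
                                                  updateToken,
                                                  updatedSSOToken);

                Log(CRLF + CRLF + bundle.getString("AGENTAPI_UPDATE_TOKEN") + retcode + testclient.getRetCodeString(retcode));
                Log(CRLF + bundle.getString("AGENTAPI_TOKEN_ATTRS"));
                testclient.displayAttributes(ssoRespAttrs);
            }

            testclient.cleanup(agentapi, sessionDef);
        }


        // Reads one line of operator input, from the console when one is
        // attached and otherwise from the shared stdin Scanner. Ends the
        // program through LogFatal when the input is exhausted.
        private static String
        readInputLine()
        {
            Console console = System.console();
            String line = null;

            if (console != null)
            {
                line = console.readLine();
            }
            else if (STDIN.hasNextLine())
            {
                line = STDIN.nextLine();
            }

            if (line == null)
            {
                LogFatal("No input available on standard input.");
            }

            return line;
        }


        // Reads the password. With a console attached the characters are not
        // echoed and the temporary char[] is wiped after use; without one
        // (redirected stdin) the value is read as an ordinary line.
        private static String
        readSecretLine()
        {
            Console console = System.console();

            if (console == null)
            {
                return readInputLine();
            }

            char[] typed = console.readPassword();

            if (typed == null)
            {
                LogFatal("No input available on standard input.");
                return null;    // not reached: LogFatal exits
            }

            String secret = new String(typed);
            Arrays.fill(typed, '\0');
            return secret;
        }


        // Prints every attribute as "id <TAB> value", or the AGENTAPI_NONE text
        // when the list is empty. Values are decoded with the platform default
        // charset and printed as received.
        private void
        displayAttributes(AttributeList attributeList)
        {
            boolean isFirstElem = true;
            Enumeration enumer  = attributeList.attributes();

            if (!enumer.hasMoreElements())
            {
                Log(bundle.getString("AGENTAPI_NONE"));
            }

            while (enumer.hasMoreElements())
            {
                Attribute attr = (Attribute) enumer.nextElement();

                // Continuation rows are indented to line up under the first one
                if (!isFirstElem)
                {
                    Log(CRLF + "\t\t\t\t\t");
                }

                Log(attr.id + "\t" + new String(attr.value));
                isFirstElem = false;
            }
        }


        // Maps an AgentAPI return code to its display text from the bundle,
        // prefixed with a space; returns "" for a code not listed here.
        private String
        getRetCodeString(int retcode)
        {
            if (retcode == AgentAPI.YES)
            {
                return " " + bundle.getString("AGENTAPI_YES");
            }

            if (retcode == AgentAPI.NO)
            {
                return " " + bundle.getString("AGENTAPI_NO");
            }

            if (retcode == AgentAPI.SUCCESS)
            {
                return " " + bundle.getString("AGENTAPI_SUCCESS");
            }

            if (retcode == AgentAPI.FAILURE)
            {
                return " " + bundle.getString("AGENTAPI_FAILURE");
            }

            if (retcode == AgentAPI.CHALLENGE)
            {
                return " " + bundle.getString("AGENTAPI_CHALLENGE");
            }

            if (retcode == AgentAPI.TIMEOUT)
            {
                return " " + bundle.getString("AGENTAPI_TIMEOUT");
            }

            if (retcode == AgentAPI.NOCONNECTION)
            {
                return " " + bundle.getString("AGENTAPI_NOCONNECTION");
            }

            return "";
        }


        // Logs the session out (when one is given), uninitializes the agent
        // API, closes the log file and exits with status 0. Never returns.
        private void
        cleanup(AgentAPI agentapi,
                SessionDef sdef)
        {
            Log(CRLF + SECTION_SEP + CRLF);
            Log(CRLF + CRLF + bundle.getString("AGENTAPI_CLEANUP") + CRLF);
            int retcode;

            if (sdef != null)
            {
                retcode = agentapi.logout(this.clientIPAddr, sdef);
                Log(CRLF + bundle.getString("AGENTAPI_LOGOUT") + retcode + this.getRetCodeString(retcode));
            }

            retcode = agentapi.unInit();
            Log(CRLF + bundle.getString("AGENTAPI_UNINIT") + retcode + this.getRetCodeString(retcode));
            Log(CRLF + CRLF + bundle.getString("SAMPLE_FOOTER") + CRLF + CRLF);

            if (logWriter != null)
            {
                logWriter.close();
            }

            System.exit(0);
        }


        // Writes the text to stdout and, when -l was given, to the log file.
        // Callers must not pass secrets: everything here is persisted as is.
        private static void
        Log(String log)
        {
            System.out.print(log);

            if (logWriter != null)
            {
                logWriter.print(log);
            }
        }


        // Logs a message with the "ERROR: " prefix.
        private static void
        LogError(String errLog)
        {
            Log(CRLF + "ERROR: " + errLog);
        }


        // Logs only the exception message (no stack trace) with the
        // "EXCEPTION: " prefix.
        private static void
        LogException(Exception e)
        {
            Log(CRLF + "EXCEPTION: " + e.getMessage());
        }


        // Logs a message with the "FATAL: " prefix, closes the log file and
        // exits with status -1. Never returns.
        private static void
        LogFatal(String fatalLog)
        {
            Log(CRLF + "FATAL: " + fatalLog);

            if (logWriter != null)
            {
                logWriter.close();
            }

            System.exit(-1);
        }
    }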
    
    
    // EOF JavaTestClient.java