Layer7 Access Management

Expand all | Collapse all

Advanced Password Services- Regular Expressions

Jump to Best Answer
  • 1.  Advanced Password Services- Regular Expressions

    Posted 09-28-2016 03:00 AM

    Hi All,

    We had configured various regular expressions in BPS to allow and disallow user to use those words with certain combinations.

     

    We are implementing APS and we want to configure the same in it.

     

    Please guide how can i configure those.

     

    Regards,

    Shrawan



  • 2.  Re: Advanced Password Services- Regular Expressions

    Posted 09-28-2016 07:36 AM

    Shrawan,

     

    This is documented in the APS Admin Guide.  The 12.52-SP1 .pdf version is located at https://support.ca.com/cadocs/0/CA%20SiteMinder%2012%2052%20SP1-ENU/Bookshelf_Files/PDF/aps_guide_enu.pdf

     

    Search for "regular expression" in the document to see where regular expressions can be configured.



  • 3.  Re: Advanced Password Services- Regular Expressions

    Posted 09-28-2016 07:42 AM

    Hi Gresa,

     

    Thanks for your response.

     

    I have read that document.

     

    I have doubt for regurlar expressions like *[0-9a-zA-Z]* or for expressions ending with "$". What kind of Error key i should mention for such combination?

     

    Regards,

    Shrawan



  • 4.  Re: Advanced Password Services- Regular Expressions

    Posted 09-30-2016 03:19 AM

    Hi Shrawn,

     

    Please go through this KB :

    http://www.ca.com/us/support/ca-support-online/product-content/knowledgebase-articles/tec483089.aspx 

     

    SiteMinder doesn't have full fledged support to regular expression. 

    It supports only those expression listed here :

    Resource Matching and Regular Expressions - CA Single Sign-On - 12.52 SP1 - CA Technologies Documentation 

     

    This is same for BPS and APS.

    So, if you already have a regular expression in BPS, you should be able to use the same expression in APS as well.

    Please let us know if it is not working as expected.

     

    Regards,

    Ujwol 



  • 5.  Re: Advanced Password Services- Regular Expressions

    Posted 09-30-2016 03:40 AM

    Hi Ujwol,

     

    Thanks for your response

     

    i am having doubt in key value pair and syntax in which regular expressions should be configured in APS.

     

    As for digits we can use ERR_NO_STARTING_DIGIT when starting is not allowed to be done by any of these digits and similarly for Alphabets we can use ERR_ONE_UPPER.

     

    For pattern like *[0-9a-zA-Z]* what we can use as "key"? Is there any fix key in particular format or we can use any arbitrary name?

     

    Regards,

    Shrawan



  • 6.  Re: Advanced Password Services- Regular Expressions
    Best Answer

    Posted 09-30-2016 03:57 AM

    Ah, I got it now. The Keys are USER defined, meaning to say you can use ANY key.

    You just need to ensure that , the exact same Key exist in the APS.Lang (or APS.properties) file with the proper error message which can be displayed.

     

    For e.g

    If you specify , NOMatch as : 

    NoMatch=SHRAWAN_NO_TRAILING_DIGIT *[0-9]

     

    In your APS.lang you should have something like :

    SHRAWAN_NO_TRAILING_DIGIT = No trailing digit allowed.


  • 7.  Re: Advanced Password Services- Regular Expressions

    Posted 09-30-2016 04:09 AM

    Hi Ujwol

     

    That means i can even use PASSWORD_EXPRESSION only this kind of key also! right? Without writing DIGIT or TRAILING.

     

    Regards,

    Shrawan



  • 8.  Re: Advanced Password Services- Regular Expressions

    Posted 09-30-2016 04:28 AM

    That is correct.



  • 9.  Re: Advanced Password Services- Regular Expressions

    Posted 10-03-2016 10:12 AM

    Hi Ujwol,

    Thanks

     

    I am unable to find APS.lang file in my policyserver. I have checked bin/Language folder of Policy server home but APS.lang is not there.

     

    I have gone through KEDB article TEC477915 and did the same as mentioned in it but i am still not able to find APS.lan.

     

    Please guide.

     

    regards,

    Shrawan



  • 10.  Re: Advanced Password Services- Regular Expressions

    Posted 10-03-2016 10:57 AM

    Hi Shrawan,

     

    APS.Lang (or APS.properties) file

     

    Check for this file  APSAdmin.properties under <webagent_install_location>\CA\webagent\resources

     

    Regards,

    Leo Joseph.



  • 11.  Re: Advanced Password Services- Regular Expressions

    Posted 10-03-2016 11:29 AM

    Hi Leo,

     

    APSAdmin.lang, SmCPW.lang and FPS.lang files are present on webserver but i am not able to find APS.lang on policy server.

     

    Please guide.

     

    Regards,

    Shrawan



  • 12.  Re: Advanced Password Services- Regular Expressions

    Posted 10-03-2016 12:24 PM

    Hi Shrawan,

     

    Please find APS.Lang (or APS.properties) file under below location on the policy server. There may be multiple copies of each of these files, one for each locale supported by the site.

    C:\CA\siteminder\resources  (Under resources folder)

     

    Thanks,

    Sharan



  • 13.  Re: Advanced Password Services- Regular Expressions

    Posted 10-04-2016 01:48 AM

    Hi Sharan,

     

    Thanks

     i found APS.properties file at that location.

     

    Regards,

    Shrawan



  • 14.  Re: Advanced Password Services- Regular Expressions

    Posted 01-17-2017 03:57 AM

    Hello Mr.Shrestha,

     

    I saw your previous answers via this community, so that I could catch a point to configure & modify the policy of password by using following methods that you guided.

     

    But, I'm wondering how to allow to include a specific character such as $/^ and others(they're defined as regex) within words of password, while we're using the policy of password with its regular expression when created.

     

    e.g.)  Currently $ this character has been defined in the policy server to be restricted to make a new password as a regex, also it needs to be made inner side of passwords as a character.

     

    Is it possible to generate the password in this situation without deployment of patch version customized by CA Technology?(Please, help)

     

     

    * Guided by you

    C:\CA\siteminder\resources\APS.Lang (or APS.properties)

    NoMatch=SHRAWAN_NO_TRAILING_DIGIT *[0-9]
    SHRAWAN_NO_TRAILING_DIGIT = No trailing digit allowed.

    Happy working hours

     

    Thanks&Regards,

    Haeder