Layer7 Access Management

Expand all | Collapse all

CA Single Sign On Java Agent API

Jump to Best Answer
  • 1.  CA Single Sign On Java Agent API

    Posted 11-28-2016 03:16 AM

    How to implement java agent api of single sign on environment ? Basically I want to know what configuration needs to be done on policy server to contact agent api instead of default agent.



  • 2.  Re: CA Single Sign On Java Agent API

    Posted 11-28-2016 03:42 AM

    Hello Ketan,

     

    Please review below guide on how to implement Java agent API:

     

    https://support.ca.com/cadocs/0/CA%20SiteMinder%20r12%20SP2-ENU/Bookshelf_Files/HTML/javadoc-sm/index.htm?toc.htm?Implement_the_Pure_Java_Agent_API.html

     

    Or the 12.52 guide link:

     

    https://docops.ca.com/ca-single-sign-on/12-52-sp1/en/programming/programming-in-java/agent-api-guidance-for-java

     

    For samples, please also review below guide:

     

    https://docops.ca.com/ca-single-sign-on/12-52-sp1/en/programming/about-the-sdk#AbouttheSDK-SDKSamples


    smjavaagentapi
    Java custom agent sample.
    The directory includes examples of build and run scripts. You can use the examples as models for your own scripts.
    This sample uses the policy store created by the javapolicyapi sample.


    I hope this helps.

     

    Osarobo



  • 3.  Re: CA Single Sign On Java Agent API

    Posted 11-28-2016 04:55 AM

    Hello Osarobo,

    I already gone through the links you provided. I couldn't able to contact my policy server by my agent api when I provided the policy server details to it.

    The thing I was missing that what to configure at the policy server end what was written on point 6 in "To implement the pure Java Agent API" in the link you provided.

    Please help.

    Ketan



  • 4.  Re: CA Single Sign On Java Agent API

    Posted 11-28-2016 05:11 AM

    Hello,

    Are you trying to run the sample agent provided ?

     

    If so then you are using a 4x agent to connect to PS

     

    > This 4x agent needs to be created according to smjsdksample.properties

    AGENT_NAME     = ***
    AGENT_SECRET   = YYY
    AGENT_IP       = xx.yy.***.www

     

    You can also use smHost.conf to connect to PS.

     

    You can also add more debugging at the agent API level bu adding :

     

    java -Dcom.ca.siteminder.sdk.agentapi.enableDebug=true myClass

     

    http://www.ca.com/us/services-support/ca-support/ca-support-online/knowledge-base-articles.tec541302.html

     

    Julien



  • 5.  Re: CA Single Sign On Java Agent API

    Posted 11-28-2016 05:47 AM

    Hi Julien,

    Yes I am trying to run the sample agent provided but with agent 12.5X.

    It says "Failed to load the resource bundle smjsdksample"

    Please help,

    Ketan



  • 6.  Re: CA Single Sign On Java Agent API

    Posted 11-28-2016 05:52 AM

    Hello,

     

    Share the smjsdksample.properties and check the AGENT_NAME, AGENT_SECRET, AGENT_IP used in your environment. You would have to create an agent 4x (using the adminUI) with the same information.

     

    Julien.



  • 7.  Re: CA Single Sign On Java Agent API

    Posted 11-28-2016 04:50 PM

    Hi Ketan,

     

       Can you check if you were able to read the smjsdksample.properties file from the JavaTestClient program. Just to make sure properties file path was properly defined.

     

    Thanks

    Venkata Kuchipudi 



  • 8.  Re: CA Single Sign On Java Agent API
    Best Answer

    Posted 11-28-2016 11:26 PM

    You need to keep smjsdksample.properties file in the classpath.



  • 9.  Re: CA Single Sign On Java Agent API

    Posted 11-29-2016 03:11 AM

    Hi,

    I placed the smjsdksample.properties in my src folder.errorfile

     

    I means that the file is having missing resource exception.

    Please help it out.



  • 10.  Re: CA Single Sign On Java Agent API

    Posted 11-29-2016 03:27 AM

    Hello,

     

    I'm not using eclipse but command file.

     

    1. to compile : C:\Program Files (x86)\CA\sdk\samples\smjavaagentapi\java-build.cmd

    javac -classpath ..\..\properties;..\..\java\smjavasdk2.jar;..\..\java\smjavaagentapi.jar JavaTestClient.java

     

    2. to run : C:\Program Files (x86)\CA\sdk\samples\smjavaagentapi\java-run.cmd

    java -Djava.library.path=..\..\bin -classpath .;..\..\properties;..\..\java\smjavasdk2.jar;..\..\java\smjavaagentapi.jar JavaTestClient

     

    What is your JDK version ? What is the exact SDK version and OS ? are you trying 64 bit samples ?

     

    Hope it helps,

    Julien.



  • 11.  Re: CA Single Sign On Java Agent API

    Posted 11-29-2016 03:37 AM

    Hi,

    I am using java 8(64 bit) hence my sample codes are 64 bit. sdk version is same as ca single sign on version i.e. 12.52

    OS 64 bit windows server 2008.

     

    Would I be facing the issue because of my platform ?

    Please Help.

    Ketan.



  • 12.  Re: CA Single Sign On Java Agent API

    Posted 11-29-2016 04:00 AM

    Hello,

     

    Check the platform matrix

     

    https://support.ca.com/phpdocs/7/5262/5262_SiteMinder_12_52_SP1_Platform_Support.pdf

     

    Agent SDK 64 bit supported with windows 2008R2 and JDK Oracle 1.8 / 1.7 64 bit.

     

    so, your platform is correct.

     

    Regards,

    Julien



  • 13.  Re: CA Single Sign On Java Agent API

    Posted 11-29-2016 04:59 AM
    the properties file is inside your package not within src folder directly.


    Try moving it to src directory.




  • 14.  Re: CA Single Sign On Java Agent API

    Posted 11-29-2016 05:19 AM

    Hi,

    After placing the properties file in src folder it run but with the following error.error.properties file

     

    and why on console it showing a different agent name however in properties file I am having different agent name.

    I means its picking it up from somewhere else.

     

    Please help it out.



  • 15.  Re: CA Single Sign On Java Agent API

    Posted 11-29-2016 05:27 AM

    FATAL ERROR: Exception from System.loadLibrary java.lang.UnsatisfiedLinkError: C:\Program Files (x86)\CA\webagent\bin\smcommonutil.dll: Can't load IA 32-bit .dll on a AMD 64-bit platform

    FATAL ERROR: Exception from AgentAPI.initialize() java.lang.UnsatisfiedLinkError: netegrity.siteminder.javaagent.AgentAPI.initialize()V

     

    Policy Server IP Address.................: 10.92.80.157

    Agent IP Address.........................: 10.92.80.58

    Agent Name...............................: jsdksample-agent

    Agent Shared Secret......................: {RC2}ZXQUJMl81vqDzYjldddTXKYl0j1LqVTD6G+Yj5sX/azy9OgpD6PxyJtouvgUjAs0jQW/Fdanw+Wf1TIgoW+qTwfNLpjc0cKLYyBLHF4iHGGTR9AqDmjMncAM2lmcHGwYnDiN0CdDhydJLMP8MZzTHH7xnT/k7903PBr6mo86k3cNa51BP3i2S5E1Mud5hbL0Exception in thread "main" java.lang.UnsatisfiedLinkError: netegrity.siteminder.javaagent.AgentAPI.javaagent_api_init(Lnetegrity/siteminder/javaagent/InitDef;)I

    at netegrity.siteminder.javaagent.AgentAPI.javaagent_api_init(Native Method)

    at netegrity.siteminder.javaagent.AgentAPI.init(Unknown Source)

    at mypack.JavaTestClient.main(JavaTestClient.java:135)

     

     

     

     

    This is the complete error I am getting.

     

    If you can help it out.



  • 16.  Re: CA Single Sign On Java Agent API

    Posted 11-29-2016 05:35 AM

    Hello,

     

    1. there is a problem on loading libraries :

     

    ATAL ERROR: Exception from System.loadLibrary java.lang.UnsatisfiedLinkError: C:\Program Files (x86)\CA\webagent\bin\smcommonutil.dll: Can't load IA 32-bit .dll on a AMD 64-bit platform

     

    > Please use C:\Program Files\CA\webagent\win64\bin\smcommonutil.dll to use 64 bit libraries.

     

    2. Regarding the agent name, from the code:

     

    String agentName = getStringFromBundleWithTrim("OBJNAME_PREFIX") + "agent";

     

    in the smjsdksample.properties :

    OBJNAME_PREFIX        = jsdksample-

     

    > So you agent name will be jsdksample-agent

    > To change it use : String agentName= getStringFromBundleWithTrim("AGENT_NAME");

     

    Hope it helps,

    Julien



  • 17.  Re: CA Single Sign On Java Agent API

    Posted 11-29-2016 05:50 AM

    Please debug through the source and try to unders the flow.


    For the dll error, remove smjavaagentapi.jar from the project classpath and ensure smagentapi.jar exists.



  • 18.  Re: CA Single Sign On Java Agent API

    Posted 11-29-2016 06:50 AM

    Did so..

    Faced another bunch of errors..

    Could you please help me out for that how smjavaagentapi.jar was responsible for those dll errors ?

    and how to debug the present issues I am facing..agent api errors



  • 19.  Re: CA Single Sign On Java Agent API

    Posted 11-29-2016 10:32 AM

    smjavaagentapi.jar = JNI agnet which calls bunch of dll

    smagentapi.jar = Pure java agnet which does not call any dll.


    For the error, you need to inclue few more jars in the project classpath - smjavasdk2.jar, cryptoj.jar.


    PURE JAVA

         

    java -Dcom.ca.siteminder.sdk.agentapi.enableDebug=true -Djava.library.path=..\..\bin -classpath .;..\..\properties;..\..\java\smagentapi.jar;..\..\java\smjavasdk2.jar;..\..\java\cryptoj.jar; JavaTestClient


    You will also need to apply JCE policy files to the JRE that is being used by this java project.



  • 20.  Re: CA Single Sign On Java Agent API

    Posted 11-30-2016 05:42 AM

    Hi Ujwal,

    Thanks for the help now my agent api is working as :

     

     

     

    Now I want each of these encrypted attributes to get decrypt so that I can fetch its values.

     

    Please help it out.



  • 21.  Re: CA Single Sign On Java Agent API

    Posted 11-30-2016 05:56 AM

    Please mark this thread as answered and open new thread for your new question.