Symantec Access Management

 View Only
  • 1.  Get CA SSO SAML2.0 authurl using Perl SDK

    Posted Jul 26, 2019 04:24 AM
    Trying to write a perl script to get the Authentication URL's defined in all SAML 2.0 service providers under Affiliate Domain:

    I can see each serviceprovider scalar value with the following code:

    # Policy Server info
    use Netegrity::PolicyMgtAPI;
    $policyapi = Netegrity::PolicyMgtAPI->New();
    $session = $policyapi->CreateSession("siteminder","xxxxx");
    if ($session == undef) {
    print "Failed to connect to policy server\n";
    exit;
    }

    print " Connected to policy server successfully\n";
    print "\n\n******************************************\n\n";
    my @affdomains = ("affiliatedomain1");

    foreach my $affdomain(@affdomains){
    print "Getting all the ServiceProviders for $affdomain\n";

    $affDom=$session->GetAffDomain($affdomain);
    #@spvds = Netegrity::PolicyMgtAffDomain->GetAllSAMLServiceProviders();
    @spvds = $affDom->GetAllSAMLServiceProviders();

    foreach $spvd(@spvds){
    print "\n".$affdomain.",". $spvd;
    }
    }

    From this ServiceProvider scalar, i tried to get the serviceprovider name and athentication URL as follows:
    $sp=$affDom->GetSAMLServiceProvider($spvd);
    $spvdname = $sp->Property($SAML_NAME);
    $spauthurl = $sp->Property($SAML_SP_AUTHENTICATION_URL);

    But errors out as follows:
    Can't call method "Property" on an undefined value at getAllSpsAuthurls.pl line 37

    How can i retrieve the Property values from the ServiceProvider?

    Any help is appreciated.

    ------------------------------
    [Designation]
    [City]
    ------------------------------


  • 2.  RE: Get CA SSO SAML2.0 authurl using Perl SDK
    Best Answer

    Broadcom Employee
    Posted Aug 23, 2019 02:47 AM
    Hi Venkatanand,

    You should use .NET or Java to handle programming for Federation. API
    for Federation objects are not available in Perl.

    Perl CLI method to manage federation partnerships
    https://ca-broadcom.wolkenservicedesk.com/external/article?articleId=13672

    Federation Programming
    https://docops.ca.com/ca-single-sign-on/12-8/en/programming/federation-programming

    You might open an Enhancement Request to get this implemented for Perl :

    1. Go to the "All Ideas" page :
    https://community.broadcom.com/ideation/allideas
    2. Click on the "Add" button.
    3. In the "Select categories...", select "Layer7 Access Management".
    4. Write a title in the "title" box.
    5. Write a complete description of the Enahcement Request or
    Certification you'd like to post.
    6. Click on "Save" to get the Idea submitted !

    I hope this helps,

    Best Regards,
    Patrick