Automating SiteMinder Policy Management Using Perl API supplied by SiteMinder

Posted by Unknown on Tuesday, January 11, 2011

Install Siteminder docs. then refer Perl API Policy doc for more stuff. Below is an just idea.what I did. It won’t compile if you just copy/paste :) . This script brings following ideas.
Creating
1. Connection to siteminder Policy server.
2. Webagent
3. Webagent Group.
4. Custom Auth Scheme
5. Domains
6. Realm Under Domains
7. Rules under Realms
8. Policy for the above rule.
9. Adding response to above policy, add users to policy etc.
Just refer and get an idea and you can implement your scripts easily. Good Luck & post me comment if you need anything




#! /usr/bin/perl -w
use Netegrity::PolicyMgtAPI;
# Author - Gopi
# Refer Siteminder policy API for methods arguments.
# Creating Connection to Policy Server.
$policyapi = Netegrity::PolicyMgtAPI->New();
if(!defined $policyapi)
{
die "\nFATAL: Unable to create Policy Server Connection \n";
}

print "Creating Policy Server Connection Session ..... \n";
$mysession = $policyapi->CreateSession($smuser,$smpwd,$smhost);
if(!defined $mysession)
{
die "\nFATAL: Unable to create Session \n";
}




#print "Here is a list of configured domains:\n";
#@domains = $mysession->GetAllDomains();
#foreach $domain(@domains) {
# print $domain->Name() . "\n";
#}
#@agents = $mysession->GetAllAgents();
#foreach $myagent (@agents) {
#print "Agent Name = " . $myagent->Name() . "\n";
#}
print "Creating Webagent with Name as -> myWebAgent Name ....\n";
$myagent = $mysession->CreateAgent("myWebAgent Name",
$mysession->GetAgentType("Web Agent"),
"Descritption for myWebAgent");
if(!defined $myagent)
{
die "\nFATAL: Unable to create Agent -> myWebagent Name";
}
print "Creating Webagent group -> myWebAgent Group \n";
$myagentgroup=$mysession->CreateAgentGroup("my WebAgent Group",
$mysession->GetAgentType("Web Agent"),
"myWebAgent Group Description");




if(!defined $myagentgroup)
{
die "\nFATAL: Unable to create Agent group for myWebAgnet Group";
}




# Adding Webagent to WebAgent Group
print "Adding Webagent myWebAgent Name to myWebAgent Group ";
$myagentgroup->Add($myagent);
#
print "Creating new AuthScheme -> myCustomAuth" ;
$schemeparameter="Whatever is your Custom Scheme parameters Here";
#Creating Auth Scheme
# Below is not fully populated method. See CreateAuthScheme for full syntax and method parameteres.
$authscheme=$mysession->CreateAuthScheme("myCustomAuth",
$mysession->GetAuthScheme();
# Creating Domain
print "Creating Domain -> myDomain \n";
$mydomain=$mysession->CreateDomain("myDomain","myDomain Description");
print "Adding User Directory search order \n";
# Adding User Directory search order.
$mydomain->AddUserDir($mysession->GetUserDir("1st Directory Name"));
#Creating REALMs
# Netegrity::PolicyMgtDomain->CreateRealm( realmName, agent, authScheme [, realmDesc]
# [, resFilter] [, procAuthEvents] [, procAzEvents]
# [, protectAll] [, maxTimeout] [, idleTimeout]
# [, syncAudit] [, azUserDir] [, regScheme] )
#Creating root realm
print "Creating REALM -> Protect / All \n";
$rootrealm=$mydomain->CreateRealm("myProtect all",$myagentgroup,
$authscheme,"Protect all from / ",
"/",1,1,1,43200,3600,0,
$mysession->GetUserDir("Directory Name"));
# Creating for ex:- Get,Post Rule for above Realm.
print "Creating Get,Post Rule for REALM Protect / All \n";
$rootrule=$rootrealm->CreateRule("Get,Post /","Get Post Rule","GET,POST","*");
#

More Here


Courtesy:http://gdesaboyina.wordpress.com/2009/08/08/automating-siteminder-policy-management-using-perl-api-supplied-by-siteminder/

{ 0 comments... read them below or add one }

Post a Comment