How to set up and use a WebService variable in Policy Server R12?

Document ID : KB000051388
Last Modified Date : 14/02/2018
Show Technical Document Details

This Document will demonstrate how to set up a WebService variable and how to use it in a authorization response.

  • We will set up a local webservice in the IIS Web Server ? test it

  • We will set up the WebService variable

  • We will create realm, policy for all users

  • We will set up the response

  • We will test it by using the Test tool

  • We use a pre-installed policy server R12SP2 with users configured in LDAP

Using IIS and deploy the Web Service

Open IIS manager

Start / Program / Administrative Tools / IIS Manager

Check Web Service Extention

Figure 1

Deploy Web Service

Create directory webservice under C:\intepub\wwwroot\webservice (Web Server Root)

Copy the file echoback.asp

<%@ language=JScript%>
<%      
var xmlDoc = Server.CreateObject("Msxml2.DOMDocument");    
xmlDoc.async = false; 
xmlDoc.resolveExternals = false;
xmlDoc.preserveWhiteSpace = true;
xmlDoc.load(Request);
iParseErr = xmlDoc.parseError;
if (iParseErr == 0){
      Response.write(xmlDoc.xml);
}
else
{
      Response.write("<br>Error Code: ")
      Response.write(xmlDoc.parseError.errorCode)
      Response.write("<br>Error Reason: ")
      Response.write(xmlDoc.parseError.reason)
      Response.write("<br>Error Line: ")
      Response.write(xmlDoc.parseError.line)
      Response.write("<br>Error String: ")
      Response.Write(xmlDoc.parseError.srcText)
}
%>

Test the Web Service:

Figure 2

Using the FSS UI create the WebService variable

Open the FSS AdminUi

Go to the Domain tab, Protected Domain, Right click on WebService Variables

Figure 3

Create Variable

Figure 4

Fill the following

Name
WSVAR

Retturn Type
String

General tab

URL
http://ulod8614.ca.com/WebService/echoback.asp

Return Query

/soap:Envelope/soap:Body/soap:GetEchoResponse/soap:GetEchoResult/text()

Figure 5

SOAP Document Tab

SOAP Body
<soap:GetEchoResponse xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:GetEchoResult xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">$userid$</soap:GetEchoResult>   
</soap:GetEchoResponse>

Figure 6

Apply

Using the FSS UI add the WebService variable to a response

Go to Domain tab, Protected Domain, Right click on Responses

Fill the following

Name

My Response

Attribute list

Create

Attribute
WebAgent-HTTP-Header-Variable

Variable Name
WSVAR

Variable Value
WSVAR

Figure 7

Associate the response to a rule

Go to policy, all, Rule tab, click on set Response...

Figure 8

Select My Response

Figure 9

Apply/Ok

Apply/Ok

Test the WebService using the Test Tool

Open the test tool

Start / Program / CA / SiteMinder/ SiteMinder Test tool

Figure 10

Fill the following

SiteMinder Agent

Version 4

Agent name
4x

Secret
Firewall

Server
ulod8614.ca.com

Resource Information

Resource
/protected/toto

Action
Get

User Information

Username
User1

Password
firewall

Click Connect

Figure 11

Click IsProtected

Figure 12

Click IsAuthenticated

Figure 13

Click IsAuthorized

Figure 14

That's all folks