Enterprise Administration Guide › Planning Your SAM Implementation › Implementation Considerations › The SAM SDK › How a Web Services SDK Application Gets a Password
How a Web Services SDK Application Gets a Password
The Web Services SAM SDK lets you write Java applications that check in and check out privileged account passwords. You do not need to install CA ControlMinder on the endpoint on which the Web Services SAM SDK application runs. However, unlike password consumer SDKs, the Web Services SAM SDK does not cache passwords or authenticate users.
Web Services SAM SDK applications use SOAP (Simple Object Access Protocol) and port 18080 to communicate directly with the Enterprise Management Server.
Important! We recommend that you use a strong authentication protocol such as NTLM to authenticate the connection between the application and the Enterprise Management Server.
The following process describes how a Web Services SAM SDK application gets a password:
- The application logs in to CA ControlMinder Enterprise Management.
The user name and password with which the application logs in are defined in the application.
- The application requests the password for a privileged account.
- CA ControlMinder Enterprise Management checks the privileged access role assigned to the user that represents the application.
- One of the following happens:
- If users with that privileged access role can obtain the privileged account password, CA ControlMinder Enterprise Management sends the password to the application.
- If users with that privileged access role cannot obtain the privileged account password, CA ControlMinder Enterprise Management sends an error message to the application.
- The application logs out of CA ControlMinder Enterprise Management.
More information:
How to Configure an Endpoint to Use a Web Services SAM SDK Application
Copyright © 2013 CA Technologies.
All rights reserved.
|
|