CLI Authentication Scheme Methods

Programming Guides › Programming Guide for Perl › CLI Policy Management Methods › CLI Authentication Scheme Methods

CLI Authentication Scheme Methods

AddMessageConsumerPluginToSAML1xScheme Method--Adds Message Consumer Plug-in Class Name

The AddMessageConsumerPluginToSAML1xScheme method adds a message consumer plug-in class name and parameter to a SAML1x authentication scheme.

Syntax

The AddMessageConsumerPluginToSAML1xScheme method has the following format:

Netegrity::PolicyMgtAuthScheme‑>AddMessageConsumerPluginToSAML1xScheme(pluginClass, pluginParam)

Parameters

The AddMessageConsumerPluginToSAML1xScheme method accepts the following parameters:

pluginClass (string)

Specifies the message consumer plug-in class name.

pluginParam (string)

Specifies the message consumer plug-in parameter name.

Return Value

The AddMessageConsumerPluginToSAML1xScheme method returns one of the following values:

Sm_PolicyApi_Success
Sm_PolicyApi_Failure

AddRedirectURLToSAML1xScheme Method--Adds Redirect Value to an Authentication Scheme

The AddRedirectURLToSAML1xScheme method adds a redirect URL, type, and mode to a SAML1x authentication scheme.

Syntax

The AddRedirectURLToSAML1xScheme method has the following format:

Netegrity::PolicyMgtAuthScheme‑>AddRedirectURLToSAML1xScheme(iTypeURL, URL, redirectMode)

Parameters

The AddRedirectURLToSAML1xScheme method accepts the following parameters:

iTypeURL (int)

Specifies the redirect URL type, which is one of the following values:

0—User Note Found

1— Invalid Message

2—Unaccepted credential

URL (string)

Specifies the redirect URL site.

redirectMode (int)

Specifies the redirect mode, which can be either of the following values:

0—302 no Data
1—POST

Return Value

The AddRedirectURLToSAML1xScheme method returns one of the following values:

Sm_PolicyApi_Success
Sm_PolicyApi_Failure

AddTargetConfigToSAML1xScheme Method--Sets the Default Target Configuration

The AddTargetConfigToSAML1xScheme method sets the default Target and QueryParameterOverridesTarget configuration to a SAML1x authentication scheme.

Syntax

The AddTargetConfigToSAML1xScheme method has the following format:

Netegrity::PolicyMgtAuthScheme‑>AddTargetConfigToSAML1xScheme(pszTargetURL, iQPOverrideTarget)

Parameters

The AddTargetConfigToSAML1xScheme method accepts the following parameters:

pszTargetURL (string)

Specifies the default Target URL.

iQPOverrideTarget (int)

Specifies whether the query parameter overrides the default Target configuration.

Return Value

The AddTargetConfigToSAML1xScheme method returns one of the following values:

Sm_PolicyApi_Success
Sm_PolicyApi_Failure

CustomLib Method—Sets or Retrieves the Name of the Shared Library

The CustomLib method sets or retrieves the name of the shared library that implements the authentication scheme.

Syntax

The CustomLib method has the following format:

Netegrity::PolicyMgtAuthScheme‑>CustomLib([libName])

Parameters

The CustomLib method accepts the following parameter:

libName (string)

(Optional) Specifies the shared library name.

Return Value

The CustomLib method returns one of the following values:

The new or existing library name
undef if the call was unsuccessful

Remarks

Each pre-defined authentication scheme type is shipped with a default library, but you can use a custom library. If you use a custom authentication scheme, you must specify a custom library.

CustomParam Method—Sets or Retrieves Information that Is Passed to the Authentication Scheme

The CustomParam method sets or retrieves information that is passed to the authentication scheme. You can accept the default parameter for the authentication scheme, or you can specify a new one.

Syntax

The CustomParam method has the following format:

Netegrity::PolicyMgtAuthScheme‑>CustomParam([param])

Parameters

The CustomParam method accepts the following parameter:

param (string)

(Optional) Specifies the parameter information to pass.

Return Value

The CustomParam method returns one of the following values:

The new or existing parameter information
A null string if the call was unsuccessful

CustomSecret Method—Sets or Retrieves the Shared Secret for the Custom Authentication Scheme

The CustomSecret method sets or retrieves the shared secret for the custom authentication scheme.

Syntax

The CustomSecret method has the following format:

Netegrity::PolicyMgtAuthScheme‑>CustomSecret([param])

Parameters

The CustomSecret method accepts the following parameter:

param (string)

(Optional) Specifies the shared secret.

Return Value

The CustomSecret method returns one of the following values:

The new or existing shared secret
A null string if the call was unsuccessful

Description Method—Sets or Retrieves the Description of the Authentication Scheme

The Description method sets or retrieves the description of the authentication scheme.

Syntax

The Description method has the following format:

Netegrity::PolicyMgtAuthScheme‑>Description([schemeDesc])

Parameters

The Description method accepts the following parameter:

schemeDesc (string)

(Optional) Specifies the description.

Return Value

The Description method returns one of the following values:

The new or existing authentication scheme description
An empty string if the call was unsuccessful

GetMessageConsumerPluginFromSAML1xScheme Method--Retrieves Message Consumer Plug-in Class Name

The GetMessageConsumerPluginFromSAML1xScheme method retrieves the message consumer plug-in class name and parameter from a SAML1x authentication scheme.

Syntax

The GetMessageConsumerPluginFromSAML1xScheme method has the following format:

Netegrity::PolicyMgtAuthScheme‑>GetMessageConsumerPluginFromSAML1xScheme(pluginClass, pluginParam)

Parameters

The GetMessageConsumerPluginFromSAML1xScheme method accepts the following parameters:

pluginClass (string)

Specifies the message consumer plug-in class name.

pluginParam (string)

Specifies the message consumer plug-in parameter name.

Return Value

The GetMessageConsumerPluginFromSAML1xScheme method returns one of the following values:

Sm_PolicyApi_Success
Sm_PolicyApi_Failure

GetRedirectURLFromSAML1xScheme Method--Retrieves a Redirect URL

The GetRedirectURLFromSAML1xScheme method retrieves a redirect URL, type, and mode from a SAML1x authentication scheme.

Syntax

The GetRedirectURLFromSAML1xScheme method has the following format:

Netegrity::PolicyMgtAuthScheme‑>GetRedirectURLFromSAML1xScheme(iTypeURL, URL, redirectMode)

Parameters

The GetRedirectURLFromSAML1xScheme method accepts the following parameters:

iTypeURL (int)

Specifies the redirect URL type, which is one of the following values:

0—User Note Found

1— Invalid Message

2—Unaccepted credential

URL (string)

Specifies the redirect URL site.

redirectMode (int)

Specifies the redirect mode, which can be either of the following values:

0—302 No Data
1—POST

Return Value

The GetRedirectURLFromSAML1xScheme method returns one of the following values:

Sm_PolicyApi_Success
Sm_PolicyApi_Failure

GetTargetConfigFromSAML1xScheme Method--Retrieves the Target Configuration

The GetTargetConfigFromSAML1xScheme method retrieves the default Target and QueryParameterOverridesTarget configuration from a SAML1x authentication scheme.

Syntax

The GetTargetConfigFromSAML1xScheme method has the following format:

Netegrity::PolicyMgtAuthScheme‑>GetTargetConfigFromSAML1xScheme(pszTargetURL, iQPOverrideTarget)

Parameters

The GetTargetConfigFromSAML1xScheme method accepts the following parameters:

pszTargetURL (string)

Specifies the default Target URL.

iQPOverrideTarget (int)

Specifies whether the query parameter overrides the default Target configuration.

Return Value

The GetTargetConfigFromSAML1xScheme method returns one of the following values:

Sm_PolicyApi_Success
Sm_PolicyApi_Failure

IgnorePwd Method—Specifies whether Password Policies Should Be Checked

The IgnorePwd method sets or retrieves the flag that specifies whether password policies should be checked for the authentication scheme.

Syntax

The IgnorePwd method has the following format:

Netegrity::PolicyMgtAuthScheme‑>IgnorePwd([pwdFlag])

Parameters

The IgnorePwd method accepts the following parameter:

pwdFlag (int)

(Optional) Specifies whether to ignore password policies (set to 1), or enforce them (set to 0).

Return Value

The IgnorePwd method returns one of the following values:

1 if password policies should be ignored
0 if password policies
-1 if the call was unsuccessful

IsRadius Method—Determines whether the Authentication Scheme Supports RADIUS Agents

The IsRadius method sets or retrieves the flag that specifies whether the authentication scheme supports RADIUS agents.

Syntax

The IsRadius method has the following format:

Netegrity::PolicyMgtAuthScheme‑>IsRadius([radFlag])

Parameters

The IsRadius method accepts the following parameter:

radFlag (int)

(Optional) Specifies whether the authentication scheme supports RADIUS agents (1=yes; 0=no).

Return Value

The IsRadius method returns one of the following values:

1 if the authentication scheme supports RADIUS agents
0 if the authentication scheme does not support RADIUS agents
-1 if the call was unsuccessful

IsTemplate Method—Determines whether the Authentication Scheme Is a Template

The IsTemplate method retrieves the flag value that indicates whether the authentication scheme is a template.

Syntax

The IsTemplate method has the following format:

Netegrity::PolicyMgtAuthScheme‑>IsTemplate( )

Parameters

The IsTemplate method accepts no parameters.

Return Value

The IsTemplate method returns one of the following values:

1 if the authentication scheme is a template
0 if the authentication scheme is not a template
-1 the call was unsuccessful

Remarks

Setting an authentication scheme as a template with the Perl Policy Management API is deprecated in SiteMinder v6.0 SP3.

IsUsedByAdmin Method—Determines whether the Scheme Authenticates Administrators

The IsUsedByAdmin method determines whether the scheme should be used to authenticate administrators.

Syntax

The IsUsedByAdmin method has the following format:

Netegrity::PolicyMgtAuthScheme‑>IsUsedByAdmin([useAdminFlag])

Parameters

The IsUsedByAdmin method accepts the following parameter:

useAdminFlag (int)

(Optional) Specifies whether the scheme should be used to authenticate administrators:

1 to allow the scheme to be used for administrator authentication
0 to disallow the scheme to be used for administrator authentication

Return Value

The IsUsedByAdmin method returns one of the following values:

1 if the scheme can be used to authenticate administrators
0 if the scheme cannot be used to authenticate administrators
-1 if the call was unsuccessful

Name Method—Sets or Retrieves the Name of the Authentication Scheme

The Name method sets or retrieves the name of the authentication scheme.

Syntax

The Name method has the following format:

Netegrity::PolicyMgtAuthScheme‑>Name([authSchemeName])

Parameters

The Name method accepts the following parameter:

authSchemeName (string)

(Optional) Specifies the name to assign to the authentication scheme.

Return Value

The Name method returns one of the following values:

The new or existing authentication scheme name
undef if the call was unsuccessful

ProtectionLevel Method—Sets or Retrieves the Protection Level of the Authentication Scheme

The ProtectionLevel method sets or retrieves the protection level of the authentication scheme.

Syntax

The ProtectionLevel method has the following format:

codefirstNetegrity::PolicyMgtAuthScheme‑>ProtectionLevel([nlevel])

Parameters

The ProtectionLevel method accepts the following parameter:

nlevel (int)

(Optional) Specifies the protection level to set.

Return Value

The ProtectionLevel method returns one of the following values:

The new or existing authorization scheme protection level
-1 if unsuccessful

Remarks

The level can vary from 1 to 1000. The higher the number, the more secure is the scheme. With Anonymous authentication schemes, set this value to 0.

Save Method—Saves the Authentication Scheme to the Policy Store

The Save method saves the authentication scheme to the policy store.

Syntax

The Save method has the following format:

Netegrity::PolicyMgtAuthScheme‑>Save( )

Parameters

The Save method accepts no parameters.

Return Value

The Save method returns one of the following values:

0 on success
-1 on failure
-4 if the user has insufficient privileges to save the changes
-100 if the scheme object identifier is not found

Remarks

Call this method once after making all the modifications to the authentication scheme that you intend to make. This method must be called for any changes to take effect.

SaveCredentials Method—Determines whether User Credentials Can Be Saved

The SaveCredentials method sets or retrieves the flag that allows user credentials to be saved.

Syntax

The SaveCredentials method has the following format:

Netegrity::PolicyMgtAuthScheme‑>SaveCredentials([credFlag])

Parameters

The SaveCredentials method accepts the following parameter:

credFlag (int)

(Optional) Specifies the flag value:

1 if credentials can be saved
0 if credentials cannot be saved

Return Value

The SaveCredentials method returns one of the following values:

1 if user credentials can be saved
0 if user credentials cannot be saved

Type Method—Sets or Retrieves the Authentication Scheme Type

The Type method sets or retrieves the authentication scheme type.

Syntax

The Type method has the following format:

Netegrity::PolicyMgtAuthScheme‑>Type([template])

Parameters

The Type method accepts the following parameter:

template (PolicyMgtAuthScheme)

(Optional) Specifies the authentication scheme type.

Return Value

The Type method returns one of the following values:

The new or existing authentication scheme type
undef if the call was unsuccessful