The following methods act on PolicyMgtSAMLServiceProvider objects:
The AddAssertionConsumerService method adds an Assertion Consumer Service to a SAML Service Provider object.
Syntax
The AddAssertionConsumerService method has the following format:
Netegrity::PolicyMgtSAMLServiceProvider‑>AddAssertionConsumerService(index, protocolBinding, URL)
Parameters
The AddAssertionConsumerService method accepts the following parameters:
index (int)
Specifies the Assertion Consumer Service Indexed Endpoint index value.
protocolBinding (string)
Specifies the protocol binding of the Assertion Consumer Service, which is one of the following:
URL (string)
Specifies the URL of the Indexed Endpoint.
Return Value
The AddAssertionConsumerService method returns one of the following values:
The AddAttribute method adds an attribute to the SAML 2.0 Service Provider.
Syntax
The AddAttribute method has the following format:
Netegrity::PolicyMgtSAMLServiceProvider‑>AddAttribute(attrNameFormat, value, nEncrypted, nMode)
Parameters
The AddAttribute method accepts the following parameters:
attrNameFormat (int)
Specifies one of the following attribute formats, as defined in the SAML 2.0 standard:
value (string)
Specifies the value specification for the attribute. This value specification appears in the Name Value Pair column of the SiteMinder SAML Service Provider Properties Dialog. The format of the value specification depends upon the kind of attribute you are adding -- Static, User Attribute, or DN Attribute:
Static: variableName=value
User Attribute: variableName=<%userattr="AttrName"%>
DN Attribute: variableName=<#dn="DNSpec" attr="AttrName"#>
To allow SiteMinder to retrieve DN attributes from a nested group, begin DNSpec with an exclamation mark ( ! ) -- for example:
dn="!ou=People,o=security.com"
nEncrypted (int)
Specifies whether the attribute is encrypted. If non-zero, the attribute is encrypted after being included in the assertion.
nMode (int)
Specifies the retrieval mode of this attribute, which is one of the following:
Return Value
The AddAttribute method returns one of the following values:
Remarks
A SAML 2.0 attribute contains information about a principal who is trying to access a resource on the Service Provider -- for example, the principal's user DN.
The defined attribute is included in an attribute statement for all SAML 2.0 assertions that are produced for this Service Provider.
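A pre-flight check for the three value specification formats accepted by AddAttribute, as an added example that is not part of the original documentation or the product's own code. The helper name parse_value_spec, the sample inputs, and the choice to reject static values that contain directive markup are assumptions; the script makes no SiteMinder API calls.

```perl
#!/usr/bin/perl
# Added example: classify an AddAttribute value specification before use,
# so a typo does not silently turn a directory lookup into a literal string.
use strict;
use warnings;

# Hypothetical helper. Returns a hash ref describing the spec, or nothing
# if the spec matches none of the three documented forms.
sub parse_value_spec {
    my ($spec) = @_;
    return unless defined $spec;

    # DN Attribute: variableName=<#dn="DNSpec" attr="AttrName"#>
    if ($spec =~ /^([^=\s]+)=<#dn="([^"]+)"\s+attr="([^"]+)"#>$/) {
        my ($var, $dn, $attr) = ($1, $2, $3);
        # A leading "!" in DNSpec requests retrieval from nested groups.
        my $nested = ($dn =~ s/^!//) ? 1 : 0;
        return if $dn eq '';
        return { kind => 'dn', variable => $var, dn => $dn,
                 attr => $attr, nested => $nested };
    }
    # User Attribute: variableName=<%userattr="AttrName"%>
    if ($spec =~ /^([^=\s]+)=<%userattr="([^"]+)"%>$/) {
        return { kind => 'user', variable => $1, attr => $2 };
    }
    # Assumption: leftover directive markup means a malformed directive,
    # not an intended static value, so it is rejected.
    return if $spec =~ /<[%#]|[%#]>/;
    # Static: variableName=value
    if ($spec =~ /^([^=\s]+)=(.*)$/s) {
        return { kind => 'static', variable => $1, value => $2 };
    }
    return;
}

# Constructed sample inputs (not taken from a real policy store).
my @samples = (
    'dept=Sales',
    'mail=<%userattr="mail"%>',
    'grp=<#dn="!ou=People,o=security.com" attr="cn"#>',
    'bad=<%userattr=mail%>',
);
for my $s (@samples) {
    my $p = parse_value_spec($s);
    if (!$p) { print "REJECT  $s\n"; next; }
    my $extra = $p->{kind} eq 'dn' ? " nested=$p->{nested}" : '';
    print "OK      kind=$p->{kind} var=$p->{variable}$extra  <- $s\n";
}
```

Reviewing the classified output before calling AddAttribute shows exactly which directory attributes will be released in assertions for this Service Provider, and whether nested-group retrieval is in effect.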
The AddUser method adds a user to the SAML Service Provider. Assertions can be generated for the users associated with a Service Provider.
Syntax
The AddUser method has the following format:
Netegrity::PolicyMgtSAMLServiceProvider‑>AddUser(user)
Parameters
The AddUser method accepts the following parameter:
user (PolicyMgtUser)
Specifies the user to add.
Return Value
The AddUser method returns one of the following values:
The CreateIPConfigHostName method creates an IP configuration object for the Service Provider, based on the specified host name.
Syntax
The CreateIPConfigHostName method has the following format:
Netegrity::PolicyMgtSAMLServiceProvider‑>CreateIPConfigHostName(hostName)
Parameters
The CreateIPConfigHostName method accepts the following parameter:
hostName (string)
Specifies the host name where assertions must originate.
Return Value
The CreateIPConfigHostName method returns one of the following values:
Remarks
This method creates an IP address restriction for the assertion generation policy. With this address restriction, only assertions generated from the specified host will be accepted.
The CreateIPConfigRange method creates an IP configuration object for the Service Provider, based on the specified range of IP addresses.
Syntax
The CreateIPConfigRange method has the following format:
Netegrity::PolicyMgtSAMLServiceProvider‑>CreateIPConfigRange(ipAddr1, ipAddr2)
Parameters
The CreateIPConfigRange method accepts the following parameters:
ipAddr1 (string)
Specifies the first IP address in the range of valid IP addresses.
ipAddr2 (string)
Specifies the last IP address in the range of valid IP addresses.
Return Value
The CreateIPConfigRange method returns one of the following values:
Remarks
This method creates an IP address restriction for the assertion generation policy. With this address restriction, only assertions generated from the specified range of IP addresses will be accepted.
The CreateIPConfigSingleHost method creates an IP configuration object for the Service Provider, based on the specified IP address.
Syntax
The CreateIPConfigSingleHost method has the following format:
Netegrity::PolicyMgtSAMLServiceProvider‑>CreateIPConfigSingleHost(ipAddr)
Parameters
The CreateIPConfigSingleHost method accepts the following parameter:
ipAddr (string)
Specifies the IP address where assertions must originate.
Return Value
The CreateIPConfigSingleHost method returns one of the following values:
Remarks
This method creates an IP address restriction for the assertion generation policy. With this address restriction, only assertions generated from the specified IP address will be accepted.
The CreateIPConfigSubnetMask method creates an IP configuration object for the Service Provider, based on the specified IP address and subnet mask.
Syntax
The CreateIPConfigSubnetMask method has the following format:
Netegrity::PolicyMgtSAMLServiceProvider‑>CreateIPConfigSubnetMask(ipAddr, subnetMask)
Parameters
The CreateIPConfigSubnetMask method accepts the following parameters:
ipAddr (string)
Specifies the IP address used to derive the subnet address.
subnetMask (unsigned long)
Specifies the subnet mask used to derive the subnet address.
Return Value
The CreateIPConfigSubnetMask method returns one of the following values:
Remarks
This method creates an IP address restriction for the assertion generation policy. With this address restriction, only assertions generated from the subnet address will be accepted. The subnet address is derived from the passed IP address and subnet mask. For information about defining the subnet mask value, see the description of the PolicyMgtPolicy‑>CreateIPConfigSubnetMask method.
The DeleteIPConfig method deletes the specified IP configuration object.
Syntax
The DeleteIPConfig method has the following format:
Netegrity::PolicyMgtSAMLServiceProvider‑>DeleteIPConfig(IPConfig)
Parameters
The DeleteIPConfig method accepts the following parameter:
IPConfig (PolicyMgtIPConfig object)
Specifies the IP configuration object to delete.
Return Value
The DeleteIPConfig method returns one of the following values:
Specifies that the method is successful.
Specifies that the method is unsuccessful.
The GetAllAttributes method retrieves all attributes defined for the SAML 2.0 Service Provider.
Syntax
The GetAllAttributes method has the following format:
Netegrity::PolicyMgtSAMLServiceProvider‑>GetAllAttributes()
Parameters
The GetAllAttributes method accepts no parameters.
Return Value
The GetAllAttributes method returns one of the following values:
The GetAllIPConfigs method retrieves all IP configuration objects for the SAML 2.0 Service Provider.
Syntax
The GetAllIPConfigs method has the following format:
Netegrity::PolicyMgtSAMLServiceProvider‑>GetAllIPConfigs()
Parameters
The GetAllIPConfigs method accepts no parameters.
Return Value
The GetAllIPConfigs method returns one of the following values:
The GetAllAssertionConsumerServices method retrieves all Assertion Consumer Services from the SAML 2.0 Service Provider object.
Syntax
The GetAllAssertionConsumerServices method has the following format:
Netegrity::PolicyMgtSAMLServiceProvider‑>GetAllAssertionConsumerServices()
Parameters
The GetAllAssertionConsumerServices method accepts no parameters.
Return Value
The GetAllAssertionConsumerServices method returns one of the following values:
The GetAllUsers method retrieves all users associated with the SAML 2.0 Service Provider. If a user directory is specified, only users who belong to the specified directory are returned.
Syntax
The GetAllUsers method has the following format:
Netegrity::PolicyMgtSAMLServiceProvider‑>GetAllUsers([userDir])
Parameters
The GetAllUsers method accepts the following parameter:
userDir (PolicyMgtUserDir object)
(Optional) Specifies the user directory to which all retrieved users must belong.
Return Value
The GetAllUsers method returns one of the following values:
The Property method sets or retrieves the specified SAML 2.0 metadata property for this Service Provider.
Note: After modifying one or more Service Provider properties using this method, call the PolicyMgtSAMLServiceProvider‑>Save method to write the changes to the policy store.
Syntax
The Property method has the following format:
Netegrity::PolicyMgtSAMLServiceProvider‑>Property(name[, value])
Parameters
The Property method accepts the following parameters:
name (string)
Specifies the property to set or retrieve.
Note: For a complete list of Service Provider metadata properties, see the method PolicyMgtAffDomain‑>CreateSAMLServiceProvider.
value (string)
(Optional) Specifies a new value for the property.
Return Value
The Property method returns one of the following values:
Specifies the property's new or existing value.
Specifies that the call is unsuccessful.
The RemoveAssertionConsumer method removes an existing Assertion Consumer Service from a SAML 2.0 Service Provider.
Syntax
The RemoveAssertionConsumer method has the following format:
Netegrity::PolicyMgtSAMLServiceProvider‑>RemoveAssertionConsumer(pSAMLSPACS)
Parameters
The RemoveAssertionConsumer method accepts the following parameter:
pSAMLSPACS
Specifies the Assertion Consumer Service to remove.
Return Value
The RemoveAssertionConsumer method returns one of the following values:
Specifies that the method is successful.
Specifies that the method is unsuccessful.
The RemoveAttribute method removes the specified attribute from the SAML 2.0 Service Provider.
Syntax
The RemoveAttribute method has the following format:
Netegrity::PolicyMgtSAMLServiceProvider‑>RemoveAttribute(SAMLSPAttr)
Parameters
The RemoveAttribute method accepts the following parameter:
SAMLSPAttr (PolicyMgtSAMLSPAttr object)
Specifies the attribute to remove.
Return Value
The RemoveAttribute method returns one of the following values:
Specifies that the method is successful.
Specifies that the method is unsuccessful.
The RemoveUser method removes the specified user from the SAML 2.0 Service Provider.
Syntax
The RemoveUser method has the following format:
Netegrity::PolicyMgtSAMLServiceProvider‑>RemoveUser(user)
Parameters
The RemoveUser method accepts the following parameter:
user (PolicyMgtUser object)
Specifies the user to remove.
Return Value
The RemoveUser method returns one of the following values:
Specifies that the method is successful.
Specifies that the method is unsuccessful.
The Save method saves any changes made to the SAML 2.0 metadata properties of the Service Provider. Call this method once after making all changes to the SAML 2.0 Service Provider. You must call this method for the changes to take effect. To modify a metadata property, call the PolicyMgtSAMLServiceProvider‑>Property method.
Syntax
The Save method has the following format:
Netegrity::PolicyMgtSAMLServiceProvider‑>Save()
Parameters
The Save method accepts no parameters.
Return Value
The Save method returns one of the following values:
Specifies that the method is successful.
Specifies that the method is unsuccessful.
Specifies that the user does not have the privileges required to change metadata properties.
Specifies that the path and class are empty.
Copyright © 2015 CA Technologies.
All rights reserved.