Previous Topic: CA SiteMinder® Web Services Security Programming Guide for JavaNext Topic: CA SiteMinder® Web Services Security SDK Contents


CA SiteMinder® Web Services Security SDK Overview

This section contains the following topics:

Introduction

Web Service Client API

XML Agent Content Helper API

CA SiteMinder® Web Services Security SDK Contents

CA SiteMinder® Web Services Security SDK API Reference Material

Introduction

The CA SiteMinder® Web Services Security SDK provides two APIs:

Web Service Client API

A Java API that greatly simplifies the task of creating Web service consumer applications.

XML Agent Content Helper API

A Java API that lets you to create custom XML-enabled Web Agents.

Support for Custom Code

CA supports the CA SiteMinder® Web Services Security Software Development Kit (SDK) as part of our standard offerings. However, we do not support custom code written by customers or partners.

Customers who use the SDK must assume responsibility for the code they write. Valid support customers may ask brief "how-to" questions on a particular API. But if you require more in-depth assistance, such as design or architecture assistance, please contact CA Technology Services or CA Education to gain the knowledge or assistance you need.

CA Software Prerequisites

No CA SiteMinder® Web Services Security or CA SiteMinder processes need to be running on the machine where you build custom applications using the CA SiteMinder® Web Services Security APIs.

Further, no CA SiteMinder® Web Services Security or CA SiteMinder software must be installed on the machine where you run custom applications built with the CA SiteMinder® Web Services Security Java APIs.

Additionally, the CA SiteMinder® Web Services Security Policy Server is required for running all custom XML-enabled agent applications (created using the Java XML Agent Content Helper APIs). The XML-enabled agent application runtime files can either be local or remote to the Policy Server.

Web Service Client API

To create a Web Service client application, a developer needs to utilize several technologies such as Simple Object Access Protocol (SOAP), HTTP(S), and XML D-Sig. Many of these technologies are still emerging and, being delivered by different vendors, can be very difficult to integrate.

The CA SiteMinder® Web Services Security Web Service Client API brings all of these technologies together under a consistent and simple Java API, providing the following services to Web Service client application developers:

More information:

Using the Web Service Client API

XML Agent Content Helper API

The XML Content Helper API is a Java API that allows you to build custom XML-enabled agents that can authenticate and authorize XML documents posted to a processing application (such as a Web service) bound to a URL.

The XML Agent Content Helper API supplements the CA SiteMinder Java Agent API (part of the CA SiteMinder SDK). A custom agent that is built using these two APIs can protect any URL-bound application (such as a Web service), performing the following functions on XML messages posted to that application:

To build custom XML-enabled agents you need to intersperse functions from the two APIs to provide the necessary functionality.

Applications that are built using the CA SiteMinder Agent API and XML Agent Content Helper API are insulated from having to know specific implementation details about user accounts, privileges, and how to extract these from incoming XML messages. Instead, the two APIs work in combination with the Policy Server to greatly simplify application development while increasing application scalability with respect to the number of applications and resource-privilege pairs.

The following illustration shows the functional architecture of an XML-enabled Agent.

Agent Function Architecture

Further, the XML Agent Content Helper API insulates application developers from underlying XML message-based Web service technology details, including:

What Is an XML-Enabled Agent?

An XML-enabled agent is a client of the CA SiteMinder Agent API and XML Agent Content Helper API. XML-enabled agents enforce CA SiteMinder® Web Services Security XML message content-based access control policies served by the Policy Server.

The Policy Server is a general-purpose policy engine with no specific knowledge of resources. The specific knowledge of resources is provided by Agents. Agents establish resource semantics and act as gatekeepers to protect resources from unauthorized users.

Different CA SiteMinder agent types protect different kinds of resources. Some agent types are pre-defined, standard agents that are shipped as part of the CA SiteMinder product. You can also use the CA SiteMinder Agent API and CA SiteMinder® Web Services Security XML Agent Content Helper API to implement custom agents.

When used with the CA SiteMinder Agent API, the XML Content Helper Agent API lets you create a custom XML-enabled agent that can authenticate and authorize XML messages posted to any URL-bound application in a variety of context-specific ways. For example, you could create an agent to protect an Application Server or a Message Queuing server.

XML Agent Content Helper API Services

The XML Agent Content Helper API provides agents with a set of services that supplement those provided by the CA SiteMinder Agent API to allow the development of sophisticated, secure, and robust XML-enabled agents. Building an XML-enabled agent involves using these services:

You will also require the following services provided by the CA SiteMinder Agent API:

Note: For more information on the services provided by the CA SiteMinder Agent API, see the SiteMinder Web Access Manager Programming Guide for Java.