2116968
This section contains the following topics:
CA SiteMinder® Web Services Security SDK Contents
CA SiteMinder® Web Services Security SDK API Reference Material
The CA SiteMinder® Web Services Security SDK provides two APIs:
A Java API that greatly simplifies the task of creating Web service consumer applications.
A Java API that lets you to create custom XML-enabled Web Agents.
CA supports the CA SiteMinder® Web Services Security Software Development Kit (SDK) as part of our standard offerings. However, we do not support custom code written by customers or partners.
Customers who use the SDK must assume responsibility for the code they write. Valid support customers may ask brief "how-to" questions on a particular API. But if you require more in-depth assistance, such as design or architecture assistance, please contact CA Technology Services or CA Education to gain the knowledge or assistance you need.
No CA SiteMinder® Web Services Security or CA SiteMinder processes need to be running on the machine where you build custom applications using the CA SiteMinder® Web Services Security APIs.
Further, no CA SiteMinder® Web Services Security or CA SiteMinder software must be installed on the machine where you run custom applications built with the CA SiteMinder® Web Services Security Java APIs.
Additionally, the CA SiteMinder® Web Services Security Policy Server is required for running all custom XML-enabled agent applications (created using the Java XML Agent Content Helper APIs). The XML-enabled agent application runtime files can either be local or remote to the Policy Server.
To create a Web Service client application, a developer needs to utilize several technologies such as Simple Object Access Protocol (SOAP), HTTP(S), and XML D-Sig. Many of these technologies are still emerging and, being delivered by different vendors, can be very difficult to integrate.
The CA SiteMinder® Web Services Security Web Service Client API brings all of these technologies together under a consistent and simple Java API, providing the following services to Web Service client application developers:
The XML Content Helper API is a Java API that allows you to build custom XML-enabled agents that can authenticate and authorize XML documents posted to a processing application (such as a Web service) bound to a URL.
The XML Agent Content Helper API supplements the CA SiteMinder Java Agent API (part of the CA SiteMinder SDK). A custom agent that is built using these two APIs can protect any URL-bound application (such as a Web service), performing the following functions on XML messages posted to that application:
To build custom XML-enabled agents you need to intersperse functions from the two APIs to provide the necessary functionality.
Note: For more information about the services provided by the CA SiteMinder Agent API, refer to the CA SiteMinder Web Access Manager Programming Guide for Java.
Applications that are built using the CA SiteMinder Agent API and XML Agent Content Helper API are insulated from having to know specific implementation details about user accounts, privileges, and how to extract these from incoming XML messages. Instead, the two APIs work in combination with the Policy Server to greatly simplify application development while increasing application scalability with respect to the number of applications and resource-privilege pairs.
The following illustration shows the functional architecture of an XML-enabled Agent.
Further, the XML Agent Content Helper API insulates application developers from underlying XML message-based Web service technology details, including:
An XML-enabled agent is a client of the CA SiteMinder Agent API and XML Agent Content Helper API. XML-enabled agents enforce CA SiteMinder® Web Services Security XML message content-based access control policies served by the Policy Server.
The Policy Server is a general-purpose policy engine with no specific knowledge of resources. The specific knowledge of resources is provided by Agents. Agents establish resource semantics and act as gatekeepers to protect resources from unauthorized users.
Different CA SiteMinder agent types protect different kinds of resources. Some agent types are pre-defined, standard agents that are shipped as part of the CA SiteMinder product. You can also use the CA SiteMinder Agent API and CA SiteMinder® Web Services Security XML Agent Content Helper API to implement custom agents.
When used with the CA SiteMinder Agent API, the XML Content Helper Agent API lets you create a custom XML-enabled agent that can authenticate and authorize XML messages posted to any URL-bound application in a variety of context-specific ways. For example, you could create an agent to protect an Application Server or a Message Queuing server.
The XML Agent Content Helper API provides agents with a set of services that supplement those provided by the CA SiteMinder Agent API to allow the development of sophisticated, secure, and robust XML-enabled agents. Building an XML-enabled agent involves using these services:
You will also require the following services provided by the CA SiteMinder Agent API:
Note: For more information on the services provided by the CA SiteMinder Agent API, see the SiteMinder Web Access Manager Programming Guide for Java.
The Java API JAR file and sample source code are located under SDK_Install_Dir, the directory in which the CA SiteMinder® Web Services Security SDK software is installed.
For example:
Note: For information about installing the CA SiteMinder® Web Services Security SDK, see the CA SOA Security Manager Implementation Guide.
The SDK installation includes header files, binary files, library files, and examples, as shown in the following table.
|
Directory |
Subdirectory |
Files |
|---|---|---|
|
/include |
- |
ContentHelperService.h |
|
/bin
|
/linux |
txmapi.so |
|
/solaris |
txmapi.so |
|
|
/samples
|
/javaClientAPI |
XMLDocAgent.java |
|
/javaAgentAPI |
HTTPApplication.java |
|
|
/lib |
/win32 |
txmapi.lib |
|
/java |
- |
soasmapi.jar |
The CA CA SiteMinder® Web Services Security SDK contains a number of sample applications that can help you understand the APIs.
The samples are installed in subdirectories of the following directory:
SDK_Install_Dir/samples
The sample subdirectories contain source files, project files, makefiles, and other related files for building the sample applications and plug-ins.
The following table lists the subdirectories where the sample files are installed:
|
Subdirectory Name |
Sample Description |
|---|---|
|
javaAgentAPI |
Java custom XML-enabled agent sample files. |
|
javaClientAPI |
Java Web service client application sample files. |
The CA SiteMinder® Web Services Security SDK includes a complete set of reference material for its APIs.
For reference details such as syntax, parameter, return value, and exception information for the CA SiteMinder® Web Services Security Java APIs, see the Javadoc.
You can access the Javadoc for all Java APIs in the SDK by opening the file index.html in the following default location:
|
Platform |
File Locations |
|---|---|
|
Windows |
SOA_HOME\Documentation\ |
|
UNIX |
SOA_HOME/Documentation/ |
Note: For information about installing the CA SiteMinder® Web Services Security documentation, see the CA SOA Security Manager Implementation Guide.
The description of each package, class, and interface in the Javadoc includes a Since heading that indicates the CA SiteMinder® Web Services Security SDK version when the component was introduced.
Individual methods and fields only include a Since heading if they were added in a later version of the class or interface.
|
Copyright © 2013 CA.
All rights reserved.
|
|