Hi,
I want to inject a parameter name/value in the custom header of my request. The URL is protected under NAM and an injection policy is applied to read the value of attribute from LDAP and inject into custom header. This is working as expected.
Now I have a requirement to read an LDAP attribute then based on its value set a string constant in the custom header. As per what I read in NAM developer Kit, this should be possible using a policy extension of type "context data". I took code from LDAPGroupDataElement.java, compiled it into a jar, installed/configured extension through Admin Console.
The configuration parameters that I set are:
Name ID Mapping
LDAP User DN 41 Credential Profile:LDAP Credentials:LDAP User DN
Security Principal 51 String Constant (DN fo admin)
Security Credentials 52 String Constant (password of admin user)
Search Context 61 String Constant 0=xxx
User Store 11 String Constant (name of user store configured under identity server)
Debug 91 String Constant 1
User Store Replica 31 String Constant (ldaps://<IP address of LDAP>:389
Directory Type 222 String Constant eDirectory
But its not working. Some error comes up
<amLogEntry> 2012-08-13T11:31:07Z DEBUG NIDS WSC:
Method: WSC.A
Thread: TP-Processor24
Completed Request. Response: WSCResponse:
Status: All Failure
WSCQResponseEntry:
WSCQSSToken:
Model Entry: Entry
Unique Id: NEPXurn~3Anovell~3Acredentialprofile~3A2005-03~2Fcp~3ASecrets~2Fcp~3ASecret~2Fcp~3AEntry~40~40 ~40~40WSCQSSToken~40~40~40~40~2Fcp~3ASecrets~2Fcp~ 3ASecret~5Bcp~3AName~3D~22LDAPCredentials~22~5D~2F cp~3AEntry~5Bcp~3AName~3D~22UserDN~22~5D
Select String: /cp:Secrets/cp:Secret[cp:Name="LDAPCredentials"]/cp:Entry[cp:Name="UserDN"]
Overridden Display Name ResourceId:: SS.WKSELdapCredsUserDN
Status: DataNotAvailable
WSCQResponse: </amLogEntry>
I do not fully understand how to use this feature. I want that the user's ldap attribute should be picked-up from User Store and I should not be required to provide the LDAP details (specially the password in clear-text form is a big issue).
Need some guidance, the developer kit documentation does not help me here!!
I want to inject a parameter name/value in the custom header of my request. The URL is protected under NAM and an injection policy is applied to read the value of attribute from LDAP and inject into custom header. This is working as expected.
Now I have a requirement to read an LDAP attribute then based on its value set a string constant in the custom header. As per what I read in NAM developer Kit, this should be possible using a policy extension of type "context data". I took code from LDAPGroupDataElement.java, compiled it into a jar, installed/configured extension through Admin Console.
The configuration parameters that I set are:
Name ID Mapping
LDAP User DN 41 Credential Profile:LDAP Credentials:LDAP User DN
Security Principal 51 String Constant (DN fo admin)
Security Credentials 52 String Constant (password of admin user)
Search Context 61 String Constant 0=xxx
User Store 11 String Constant (name of user store configured under identity server)
Debug 91 String Constant 1
User Store Replica 31 String Constant (ldaps://<IP address of LDAP>:389
Directory Type 222 String Constant eDirectory
But its not working. Some error comes up
Quote:
<amLogEntry> 2012-08-13T11:31:07Z DEBUG NIDS WSC:
Method: WSC.A
Thread: TP-Processor24
Completed Request. Response: WSCResponse:
Status: All Failure
WSCQResponseEntry:
WSCQSSToken:
Model Entry: Entry
Unique Id: NEPXurn~3Anovell~3Acredentialprofile~3A2005-03~2Fcp~3ASecrets~2Fcp~3ASecret~2Fcp~3AEntry~40~40 ~40~40WSCQSSToken~40~40~40~40~2Fcp~3ASecrets~2Fcp~ 3ASecret~5Bcp~3AName~3D~22LDAPCredentials~22~5D~2F cp~3AEntry~5Bcp~3AName~3D~22UserDN~22~5D
Select String: /cp:Secrets/cp:Secret[cp:Name="LDAPCredentials"]/cp:Entry[cp:Name="UserDN"]
Overridden Display Name ResourceId:: SS.WKSELdapCredsUserDN
Status: DataNotAvailable
WSCQResponse: </amLogEntry>
Need some guidance, the developer kit documentation does not help me here!!