CLI Authentication Scheme Methods
Contents
casso126
Contents
AddMessageConsumerPluginToSAML1xScheme Method--Adds Message Consumer Plug-in Class Name
The AddMessageConsumerPluginToSAML1xScheme method adds a message consumer plug-in class name and parameter to a SAML1x authentication scheme.
Syntax
The AddMessageConsumerPluginToSAML1xScheme method has the following format:
Netegrity::PolicyMgtAuthScheme->AddMessageConsumerPluginToSAML1xScheme(pluginClass, pluginParam)
Parameters
The AddMessageConsumerPluginToSAML1xScheme method accepts the following parameters:
- pluginClass(string)Specifies the message consumer plug-in class name.
- pluginParam(string)Specifies the message consumer plug-in parameter name.
Return Value
The AddMessageConsumerPluginToSAML1xScheme method returns one of the following values:
- Sm_PolicyApi_Success
- Sm_PolicyApi_Failure
AddRedirectURLToSAML1xScheme Method--Adds Redirect Value to an Authentication Scheme
The AddRedirectURLToSAML1xScheme method adds a redirect URL, type, and mode to a SAML1x authentication scheme.
Syntax
The AddRedirectURLToSAML1xScheme method has the following format:
Netegrity::PolicyMgtAuthScheme->AddRedirectURLToSAML1xScheme(iTypeURL, URL, redirectMode)
Parameters
The AddRedirectURLToSAML1xScheme method accepts the following parameters:
- iTypeURL(int)Specifies the redirect URL type, which is one of the following values:0—User Note Found1— Invalid Message2—Unaccepted credential
- URL(string)Specifies the redirect URL site.
- redirectMode(int)Specifies the redirect mode, which can be either of the following values:
- 0—302 no Data
- 1—POST
Return Value
The AddRedirectURLToSAML1xScheme method returns one of the following values:
- Sm_PolicyApi_Success
- Sm_PolicyApi_Failure
AddTargetConfigToSAML1xScheme Method--Sets the Default Target Configuration
The AddTargetConfigToSAML1xScheme method sets the default Target and QueryParameterOverridesTarget configuration to a SAML1x authentication scheme.
Syntax
The AddTargetConfigToSAML1xScheme method has the following format:
Netegrity::PolicyMgtAuthScheme->AddTargetConfigToSAML1xScheme(pszTargetURL, iQPOverrideTarget)
Parameters
The AddTargetConfigToSAML1xScheme method accepts the following parameters:
- pszTargetURL(string)Specifies the default Target URL.
- iQPOverrideTarget(int)Specifies whether the query parameter overrides the default Target configuration.
Return Value
The AddTargetConfigToSAML1xScheme method returns one of the following values:
- Sm_PolicyApi_Success
- Sm_PolicyApi_Failure
The CustomLib method sets or retrieves the name of the shared library that implements the authentication scheme.
Syntax
The CustomLib method has the following format:
Netegrity::PolicyMgtAuthScheme->CustomLib([libName])
Parameters
The CustomLib method accepts the following parameter:
- libName(string)(Optional) Specifies the shared library name.
Return Value
The CustomLib method returns one of the following values:
- The new or existing library name
- undefif the call was unsuccessful
Remarks
Each pre-defined authentication scheme type is shipped with a default library, but you can use a custom library. If you use a custom authentication scheme, you must specify a custom library.
CustomParam Method Sets or Retrieves Information that Is Passed to the Authentication Scheme
The CustomParam method sets or retrieves information that is passed to the authentication scheme. You can accept the default parameter for the authentication scheme, or you can specify a new one.
Syntax
The CustomParam method has the following format:
Netegrity::PolicyMgtAuthScheme->CustomParam([param])
Parameters
The CustomParam method accepts the following parameter:
- param(string)(Optional) Specifies the parameter information to pass.
Return Value
The CustomParam method returns one of the following values:
- The new or existing parameter information
- A null string if the call was unsuccessful
The CustomSecret method sets or retrieves the shared secret for the custom authentication scheme.
Syntax
The CustomSecret method has the following format:
Netegrity::PolicyMgtAuthScheme->CustomSecret([param])
Parameters
The CustomSecret method accepts the following parameter:
- param(string)(Optional) Specifies the shared secret.
Return Value
The CustomSecret method returns one of the following values:
- The new or existing shared secret
- A null string if the call was unsuccessful
Description Method Sets or Retrieves the Description of the Authentication Scheme
The Description method sets or retrieves the description of the authentication scheme.
Syntax
The Description method has the following format:
Netegrity::PolicyMgtAuthScheme->Description([schemeDesc])
Parameters
The Description method accepts the following parameter:
- schemeDesc(string)(Optional) Specifies the description.
Return Value
The Description method returns one of the following values:
- The new or existing authentication scheme description
- An empty string if the call was unsuccessful
GetMessageConsumerPluginFromSAML1xScheme Method--Retrieves Message Consumer Plug-in Class Name
The GetMessageConsumerPluginFromSAML1xScheme method retrieves the message consumer plug-in class name and parameter from a SAML1x authentication scheme.
Syntax
The GetMessageConsumerPluginFromSAML1xScheme method has the following format:
Netegrity::PolicyMgtAuthScheme->GetMessageConsumerPluginFromSAML1xScheme(pluginClass, pluginParam)
Parameters
The GetMessageConsumerPluginFromSAML1xScheme method accepts the following parameters:
- pluginClass(string)Specifies the message consumer plug-in class name.
- pluginParam(string)Specifies the message consumer plug-in parameter name.
Return Value
The GetMessageConsumerPluginFromSAML1xScheme method returns one of the following values:
- Sm_PolicyApi_Success
- Sm_PolicyApi_Failure
GetRedirectURLFromSAML1xScheme Method--Retrieves a Redirect URL
The GetRedirectURLFromSAML1xScheme method retrieves a redirect URL, type, and mode from a SAML1x authentication scheme.
Syntax
The GetRedirectURLFromSAML1xScheme method has the following format:
Netegrity::PolicyMgtAuthScheme->GetRedirectURLFromSAML1xScheme(iTypeURL, URL, redirectMode)
Parameters
The GetRedirectURLFromSAML1xScheme method accepts the following parameters:
- iTypeURL(int)Specifies the redirect URL type, which is one of the following values:0—User Note Found1— Invalid Message2—Unaccepted credential
- URL(string)Specifies the redirect URL site.
- redirectMode(int)Specifies the redirect mode, which can be either of the following values:
- 0—302 No Data
- 1—POST
Return Value
The GetRedirectURLFromSAML1xScheme method returns one of the following values:
- Sm_PolicyApi_Success
- Sm_PolicyApi_Failure
GetTargetConfigFromSAML1xScheme Method--Retrieves the Target Configuration
The GetTargetConfigFromSAML1xScheme method retrieves the default Target and QueryParameterOverridesTarget configuration from a SAML1x authentication scheme.
Syntax
The GetTargetConfigFromSAML1xScheme method has the following format:
Netegrity::PolicyMgtAuthScheme->GetTargetConfigFromSAML1xScheme(pszTargetURL, iQPOverrideTarget)
Parameters
The GetTargetConfigFromSAML1xScheme method accepts the following parameters:
- pszTargetURL(string)Specifies the default Target URL.
- iQPOverrideTarget(int)Specifies whether the query parameter overrides the default Target configuration.
Return Value
The GetTargetConfigFromSAML1xScheme method returns one of the following values:
- Sm_PolicyApi_Success
- Sm_PolicyApi_Failure
IgnorePwd Method Specifies whether Password Policies Should Be Checked
The IgnorePwd method sets or retrieves the flag that specifies whether password policies should be checked for the authentication scheme.
Syntax
The IgnorePwd method has the following format:
Netegrity::PolicyMgtAuthScheme->IgnorePwd([pwdFlag])
Parameters
The IgnorePwd method accepts the following parameter:
- pwdFlag(int)(Optional) Specifies whether to ignore password policies (set to 1), or enforce them (set to 0).
Return Value
The IgnorePwd method returns one of the following values:
- 1 if password policies should be ignored
- 0 if password policies
- -1 if the call was unsuccessful
IsRadius Method Determines whether the Authentication Scheme Supports RADIUS Agents
The IsRadius method sets or retrieves the flag that specifies whether the authentication scheme supports RADIUS agents.
Syntax
The IsRadius method has the following format:
Netegrity::PolicyMgtAuthScheme->IsRadius([radFlag])
Parameters
The IsRadius method accepts the following parameter:
- radFlag(int)(Optional) Specifies whether the authentication scheme supports RADIUS agents (1=yes; 0=no).
Return Value
The IsRadius method returns one of the following values:
- 1 if the authentication scheme supports RADIUS agents
- 0 if the authentication scheme does not support RADIUS agents
- -1 if the call was unsuccessful
IsTemplate Method Determines whether the Authentication Scheme Is a Template
The IsTemplate method retrieves the flag value that indicates whether the authentication scheme is a template.
Syntax
The IsTemplate method has the following format:
Netegrity::PolicyMgtAuthScheme->IsTemplate( )
Parameters
The IsTemplate method accepts no parameters.
Return Value
The IsTemplate method returns one of the following values:
- 1 if the authentication scheme is a template
- 0 if the authentication scheme is not a template
- -1 the call was unsuccessful
Remarks
Setting an authentication scheme as a template with the Perl Policy Management API is deprecated in
CA Single Sign-On
v6.0 SP3.IsUsedByAdmin Method Determines whether the Scheme Authenticates Administrators
The IsUsedByAdmin method determines whether the scheme should be used to authenticate administrators.
Syntax
The IsUsedByAdmin method has the following format:
Netegrity::PolicyMgtAuthScheme->IsUsedByAdmin([useAdminFlag])
Parameters
The IsUsedByAdmin method accepts the following parameter:
- useAdminFlag(int)(Optional) Specifies whether the scheme should be used to authenticate administrators:
- 1 to allow the scheme to be used for administrator authentication
- 0 to disallow the scheme to be used for administrator authentication
Return Value
The IsUsedByAdmin method returns one of the following values:
- 1 if the scheme can be used to authenticate administrators
- 0 if the scheme cannot be used to authenticate administrators
- -1 if the call was unsuccessful
Name Method Sets or Retrieves the Name of the Authentication Scheme
The Name method sets or retrieves the name of the authentication scheme.
Syntax
The Name method has the following format:
Netegrity::PolicyMgtAuthScheme->Name([authSchemeName])
Parameters
The Name method accepts the following parameter:
- authSchemeName(string)(Optional) Specifies the name to assign to the authentication scheme.
Return Value
The Name method returns one of the following values:
- The new or existing authentication scheme name
- undef if the call was unsuccessful
ProtectionLevel Method Sets or Retrieves the Protection Level of the Authentication Scheme
The ProtectionLevel method sets or retrieves the protection level of the authentication scheme.
Syntax
The ProtectionLevel method has the following format:
codefirstNetegrity::PolicyMgtAuthScheme->ProtectionLevel([nlevel])
Parameters
The ProtectionLevel method accepts the following parameter:
- nlevel(int)(Optional) Specifies the protection level to set.
Return Value
The ProtectionLevel method returns one of the following values:
- The new or existing authorization scheme protection level
- -1 if unsuccessful
Remarks
The level can vary from 1 to 1000. The higher the number, the more secure is the scheme. With Anonymous authentication schemes, set this value to 0.
Save Method Saves the Authentication Scheme to the Policy Store
The Save method saves the authentication scheme to the policy store.
Syntax
The Save method has the following format:
Netegrity::PolicyMgtAuthScheme->Save( )
Parameters
The Save method accepts no parameters.
Return Value
The Save method returns one of the following values:
- 0 on success
- -1 on failure
- -4 if the user has insufficient privileges to save the changes
- -100 if the scheme object identifier is not found
Remarks
Call this method once after making all the modifications to the authentication scheme that you intend to make. This method must be called for any changes to take effect.
SaveCredentials Method Determines whether User Credentials Can Be Saved
The SaveCredentials method sets or retrieves the flag that allows user credentials to be saved.
Syntax
The SaveCredentials method has the following format:
Netegrity::PolicyMgtAuthScheme->SaveCredentials([credFlag])
Parameters
The SaveCredentials method accepts the following parameter:
- credFlag(int)(Optional) Specifies the flag value:
- 1 if credentials can be saved
- 0 if credentials cannot be saved
Return Value
The SaveCredentials method returns one of the following values:
- 1 if user credentials can be saved
- 0 if user credentials cannot be saved
Type Method Sets or Retrieves the Authentication Scheme Type
The Type method sets or retrieves the authentication scheme type.
Syntax
The Type method has the following format:
Netegrity::PolicyMgtAuthScheme->Type([template])
Parameters
The Type method accepts the following parameter:
- template(PolicyMgtAuthScheme)(Optional) Specifies the authentication scheme type.
Return Value
The Type method returns one of the following values:
- The new or existing authentication scheme type
- undefif the call was unsuccessful