Table Of Contents
Using PDP WSDL
AuthorizationServiceWsdl
Accessing AuthorizationServiceWsdl
Generate Client Stub Using AXIS 1.1
Generate Client Stub Using AXIS 2.0
Generate Client Stub for .NET Applications
Invoking getAuthorizedDecisions() Method Using Axis1.1
Invoking getAuthorizedDecisions() Method Using Axis2.0
Invoking getAuthorizedDecisions() Method in .NET:
PdpServiceWsdl
Sample Request and Response Codes
isUserAccessAllowed Method
getPermissibleResourcesForUser Method
Using PDP WSDL
In CEPM, you can make use of the PDP WSDLs to generate client stubs for your application irrespective of its construction framework such as C, C++, Dotnet, etc. The PEP client constructs a XACML request object and sends it to the PDP using SOAP. The PDP, in return, communicates the decision through a XACML response object.
CEPM now provides two WSDLs, such as,
•AuthorizationServiceWsdl
•PdpServiceWsdl
Note In CEPM Version 3.3.0.0, the PdpServiceWsdl feature was deprecated, and in Version 3.3.1.0 PdpServiceWsdl was replaced with the AuthorizationServiceWsdl feature. In Version 3.3.1.4, the PdpServiceWsdl feature is reinstated with limited functionality for use with legacy deployments.
Note Cisco strongly recommends usage of AuthorizationServiceWsdl feature for all future deployments and upgrades.
This chapter explains:
•How to download the WSDL
•Generate your own PEP client stub
•How to construct a XACML request object
•How to get the response
•How to retrieve data from the response
AuthorizationServiceWsdl
AuthrizationServicesWsdl is a WS-I compliant WSDL, which supports a generic method called getAuthorizedDecisions(). This method which takes XACML request object as its input parameter. This method replaces all existing PEP methods such as isUserAccessAllowed(), isGroupAccessAllowed, isRoleAccessAllowed(), getDecisions() etc.
Accessing AuthorizationServiceWsdl
You can access the WSDL from the following service URL:
http://host:port/pdp/services/AuthorizationServices?wsdl
Replace the host name and port number arguments in the URL with the correct values corresponding to where you have deployed the PDP.
Generate Client Stub Using AXIS 1.1
To customize the WSDLs according to your application requirements, generate the necessary client stubs using the appropriate conversion tools. For example, to utilize this WSDL in your Java application, use the Apache - WSDL2Java tool for building stubs, skeletons, and datatypes from WSDL documents. Assuming that Axis1.1 is installed in your system, to generate the stub, go to /Axis1.1/bin in the command prompt and run the following code:
java org.apache.axis.wsdl.WSDL2Java AuthorizationService.wsdl
Generate Client Stub Using AXIS 2.0
Assuming that Axis2.0 is installed in your system, to generate the stub, go to /Axis2.0/bin in the command prompt and run the following code:
wsdl2java.bat -uri AuthorizationService.wsdl
Generate Client Stub for .NET Applications
If your application is developed in .NET, you can generate the required client stubs by creating web reference for every WSDL. To do this:
Step 1 Open your project in the Microsoft Visual Studio.
Step 2 Right click on Reference.
Figure 4-1 Solution Explorer
Step 3 Select Add Web Reference.
Step 4 In the URL field, enter the directory path or the URL of the PDP WSDL using which you want to generate the stub.
Figure 4-2 Add Web Reference
Step 5 Enter the name of the Web Reference.
Step 6 Click Add Reference.
This generates the necessary client stub for your application.
Invoking getAuthorizedDecisions() Method Using Axis1.1
The getAuthorizedDecisions method is a generic method which takes XACML request as its input parameter. This single API method replaces all existing PEP methods such as isUserAccessAllowed(), isRoleAccessAllowed(), getDecisions() etc. The following is a sample code for using the getAuthorizedDecisions method using AuthorizationServiceWsdl.
Step 1 Initialize the AuthorizationService at client side.
AuthorizationServiceLocator locator=new AuthorizationServiceLocator();
IAuthorizationService service=null;
service=locator.getAuthorizationService(new
URL("http://localhost:7070/pdp/services/AuthorizationService"));
// TODO Auto-generated catch block
Step 2 Construct the XACML request object.
XacmlRequest request =new XacmlRequest();
Step 3 Add subject to the XACML Request with subjectCategory='urn:oasis:names:tc:xacml:1.0:subject-category:access-subject'
subjectid='urn:oasis:names:tc:xacml:1.0:subject:subject-id'
Note For Group based entitlement, the subject-id will be group-id -
urn:oasis:names:tc:xacml:1.0:subject:group-id
For Role based entitlement, the subject-id will be role-id -
urn:oasis:names:tc:xacml:1.0:subject:role-id
Subject subject=new Subject();
subject.setSubjectCategory("urn:oasis:names:tc:xacml:1.0:subject-category:access-subject")
;
XACMLAttribute[] subAttribute=new XACMLAttribute[1];
subject.setAttributes(subAttribute);
subAttribute[0]=new XACMLAttribute();
subAttribute[0].setType("http://www.w3.org/2001/XMLSchema#string");
subAttribute[0].setId("urn:oasis:names:tc:xacml:1.0:subject:subject-id");
XACMLAttributeValue[] subAttrValue=new XACMLAttributeValue[1];
subAttribute[0].setAttribValue(subAttrValue);
subAttrValue[0]=new XACMLAttributeValue();
//Add the subject value below
subAttrValue[0].setType("http://www.w3.org/2001/XMLSchema#string");
subAttrValue[0].setValue("gracie");
request.setSubjects(new Subject[]{subject});
Step 4 Add resource to the XACML Request with the following resource-id attributeid='urn:oasis:names:tc:xacml:1.0:resource:resource-id'
Resource resource=new Resource();
XACMLAttribute[] resAttribute=new XACMLAttribute[1];
resource.setAttributes(resAttribute);
resAttribute[0]=new XACMLAttribute();
resAttribute[0].setType("http://www.w3.org/2001/XMLSchema#string");
resAttribute[0].setId("urn:oasis:names:tc:xacml:1.0:resource:resource-id");
XACMLAttributeValue[] resAttrValue=new XACMLAttributeValue[1];
resAttribute[0].setAttribValue(resAttrValue);
resAttrValue[0]=new XACMLAttributeValue();
//Add the subject value below
resAttrValue[0].setType("http://www.w3.org/2001/XMLSchema#string");
resAttrValue[0].setValue("Prime group:Prime portal:Resource5");
request.setResources(new Resource[]{resource});
Step 5 Add action to the XACML Request with the following action-id: attributeid='urn:oasis:names:tc:xacml:1.0:action:action-id'
Action action=new Action();
XACMLAttribute[] actAttribute=new XACMLAttribute[1];
action.setAttributes(actAttribute);
actAttribute[0]=new XACMLAttribute();
actAttribute[0].setType("http://www.w3.org/2001/XMLSchema#string");
actAttribute[0].setId("urn:oasis:names:tc:xacml:1.0:action:action-id");
XACMLAttributeValue[] actAttrValue=new XACMLAttributeValue[1];
actAttribute[0].setAttribValue(actAttrValue);
actAttrValue[0]=new XACMLAttributeValue();
//Add the subject value below
actAttrValue[0].setType("http://www.w3.org/2001/XMLSchema#string");
actAttrValue[0].setValue("any");
request.setAction(action);
Step 6 Add environment such as context, role bundle to the XACML Request.
Environment environment=new Environment();
XACMLAttribute[] envAttribute=new XACMLAttribute[3];
environment.setAttributes(envAttribute);
•Add context to the environment section of XACML Request
envAttribute[0]=new XACMLAttribute();
envAttribute[0].setType("http://www.w3.org/2001/XMLSchema#string");
envAttribute[0].setId("urn:cisco:cepm:3.3:xacml:context-name");
XACMLAttributeValue[] envAttrValue=new XACMLAttributeValue[1];
envAttribute[0].setAttribValue(envAttrValue);
envAttrValue[0]=new XACMLAttributeValue();
envAttrValue[0].setType("http://www.w3.org/2001/XMLSchema#string");
envAttrValue[0].setValue("Global Context:Global Context");
•Add rolebundle to the environment section of XACML Request
envAttribute[1]=new XACMLAttribute();
envAttribute[1].setType("http://www.w3.org/2001/XMLSchema#string");
envAttribute[1].setId("urn:cisco:cepm:3.3:xacml:rolebundle-name");
XACMLAttributeValue[] envAttrRBValue=new XACMLAttributeValue[1];
envAttribute[1].setAttribValue(envAttrRBValue);
envAttrRBValue[0]=new XACMLAttributeValue();
envAttrRBValue[0].setType("http://www.w3.org/2001/XMLSchema#string");
envAttrRBValue[0].setValue("Default");
•Add level to the environment section of XACML Request. Level mentioned in the XACMLRequest indicates the level of child resources up to which the evaluation should be done for the requested resource.
envAttribute[2]=new XACMLAttribute();
envAttribute[2].setType("http://www.w3.org/2001/XMLSchema#string");
envAttribute[2].setId("level");
XACMLAttributeValue[] envAttrLevValue=new XACMLAttributeValue[1];
envAttribute[2].setAttribValue(envAttrLevValue);
envAttrLevValue[0]=new XACMLAttributeValue();
envAttrLevValue[0].setType("http://www.w3.org/2001/XMLSchema#string");
envAttrLevValue[0].setValue("1");
Step 7 Set the environment variables.
request.setEnvironment(environment);
Step 8 Invoke the getAuthorizedDecisions method.
XacmlResponse response=service.getAuthorizedDecision(request);
Step 9 Get the response.
Result[] results=response.getResults();
if(results!=null && results.length>0)
for (int i = 0; i < results.length; i++) {
System.out.println("ResourceName=["+results[i].getResourceId()+"],decision=["+results[i].g
etDecision()+"]");
} catch (LicenseException e) {
// TODO Auto-generated catch block
} catch (AuthenticationFailedException e) {
// TODO Auto-generated catch block
} catch (XacmlProcessingException e) {
// TODO Auto-generated catch block
} catch (DBException e) {
// TODO Auto-generated catch block
} catch (RemoteException e) {
// TODO Auto-generated catch block
The following is the sample response code.
if(results!=null && results.length>0)
for (int i = 0; i < results.length; i++) {
System.out.println("ResourceName=["+results[i].getResourceId()+"],decision=["+results[i].g
etDecision()+"]");
Obligation[] obligation= results[i].getObligations();
for (int j = 0; j < obligation.length; j++) {
System.out.println("\t\t\tObligation Details are
id=["+obligation[j].getObligationId()+"],fulfillon=["+obligation[j].getFulfillOn()+"]");
AttributeAssignment[] attribAssign= obligation[j].getAttributeAssignment();
for (int k = 0; k < attribAssign.length; k++) {
System.out.println("\t\t\t\t\tAttributeAssignment Details are
attributeid=["+attribAssign[k].getAttributeID()+"],attributeValue=["+
attribAssign[k].getValue()+"]");
Invoking getAuthorizedDecisions() Method Using Axis2.0
The following is a sample code for using the getAuthorizedDecisions method:
Step 1 Initialize the AuthorizationService in the client side.
AuthorizationServiceStub stub=new
AuthorizationServiceStub("http://localhost:7070/pdp/services/AuthorizationService");
GetAuthorizedDecision decision=new GetAuthorizedDecision();
Step 2 Construct the XACML request object.
XacmlRequest request=new XacmlRequest();
decision.setXacmlRequest(request);
SubjectArray subArray=new SubjectArray();
Step 3 Add subjects to the XACML request
Subject[] subject=new Subject[1];
subject[0]=new Subject();
subject[0].setSubjectCategory("urn:oasis:names:tc:xacml:1.0:subject-category:access-subjec
t");
XACMLAttributeArray subAttrArray= new XACMLAttributeArray();
XACMLAttribute[] subAttribute=new XACMLAttribute[1];
subAttribute[0]=new XACMLAttribute();
subAttribute[0].setId("urn:oasis:names:tc:xacml:1.0:subject:subject-id");
subAttribute[0].setType("http://www.w3.org/2001/XMLSchema#string");
subAttribute[0].setIssuer("requestor");
subAttrArray.setXacmlAttributeArray(subAttribute);
XACMLAttributeValue[] subvalue=new XACMLAttributeValue[1];
subvalue[0]=new XACMLAttributeValue();
subvalue[0].setType("http://www.w3.org/2001/XMLSchema#string");
subvalue[0].setValue("gracie");
XACMLAttributeValueArray xaArray=new XACMLAttributeValueArray();
xaArray.setXacmlAttributeValueArray(subvalue);
subAttribute[0].setAttribValue(xaArray);
subject[0].setAttributes(subAttrArray);
subArray.setSubjectArray(subject);
Step 4 Add resource to the XACML request
ResourceArray resArray=new ResourceArray();
Resource[] resource=new Resource[1];
resource[0]=new Resource();
XACMLAttributeArray resAttrArray= new XACMLAttributeArray();
XACMLAttribute[] resAttribute=new XACMLAttribute[1];
resAttribute[0]=new XACMLAttribute();
resAttribute[0].setId("urn:oasis:names:tc:xacml:1.0:resource:resource-id");
resAttribute[0].setType("http://www.w3.org/2001/XMLSchema#string");
resAttrArray.setXacmlAttributeArray(resAttribute);
XACMLAttributeValue[] resvalue=new XACMLAttributeValue[1];
resvalue[0]=new XACMLAttributeValue();
resvalue[0].setType("http://www.w3.org/2001/XMLSchema#string");
resvalue[0].setValue("Prime group:Prime portal:Resource5");
XACMLAttributeValueArray resxaArray=new XACMLAttributeValueArray();
resxaArray.setXacmlAttributeValueArray(resvalue);
resAttribute[0].setAttribValue(resxaArray);
resource[0].setAttributes(resAttrArray);
resArray.setResourceArray(resource);
Step 5 Add action to the XACML request
Action action =new Action();
XACMLAttributeArray actAttrArray= new XACMLAttributeArray();
XACMLAttribute[] actAttribute=new XACMLAttribute[1];
actAttribute[0]=new XACMLAttribute();
actAttribute[0].setId("urn:oasis:names:tc:xacml:1.0:action:action-id");
actAttribute[0].setType("http://www.w3.org/2001/XMLSchema#string");
actAttrArray.setXacmlAttributeArray(actAttribute);
XACMLAttributeValue[] actvalue=new XACMLAttributeValue[1];
actvalue[0]=new XACMLAttributeValue();
actvalue[0].setType("http://www.w3.org/2001/XMLSchema#string");
actvalue[0].setValue("any");
XACMLAttributeValueArray actxaArray=new XACMLAttributeValueArray();
actxaArray.setXacmlAttributeValueArray(actvalue);
actAttribute[0].setAttribValue(actxaArray);
action.setAttributes(actAttrArray);
Step 6 Add environment to the XACML request
Environment env=new Environment();
XACMLAttributeArray envAttrArray= new XACMLAttributeArray();
XACMLAttribute[] envAttribute=new XACMLAttribute[1];
envAttribute[0]=new XACMLAttribute();
envAttribute[0].setId("level");
envAttribute[0].setType("http://www.w3.org/2001/XMLSchema#string");
envAttribute[0].setIssuer("requestor");
envAttrArray.setXacmlAttributeArray(resAttribute);
XACMLAttributeValue[] envvalue=new XACMLAttributeValue[1];
envvalue[0]=new XACMLAttributeValue();
envvalue[0].setType("http://www.w3.org/2001/XMLSchema#string");
envvalue[0].setValue("1");
XACMLAttributeValueArray envxaArray=new XACMLAttributeValueArray();
envxaArray.setXacmlAttributeValueArray(envvalue);
envAttribute[0].setAttribValue(envxaArray);
env.setAttributes(envAttrArray);
request.setSubjects(subArray);
request.setResources(resArray);
request.setAction(action);
request.setEnvironment(env);
Step 7 Get the response.
GetAuthorizedDecisionResponse response=stub.getAuthorizedDecision(decision);
XacmlResponse res=response.getXacmlResponse();
ResultArray resultArray=res.getResults();
Result[] results=resultArray.getResultsArray();
for (int i = 0; i < results.length; i++) {
System.out.println("ResourceName=["+results[i].getResourceId()+"],decision=["+results[i].g
etDecision()+"]");
The following is the sample response code.
if(results!=null && results.length>0)
for (int i = 0; i < results.length; i++) {
System.out.println("ResourceName=["+results[i].getResourceId()+"],decision=["+results[i].g
etDecision()+"]");
Obligation[] obligation= results[i].getObligations().getObligationArray();
for (int j = 0; j < obligation.length; j++) {
System.out.println("\t\t\tObligation Details are
id=["+obligation[j].getObligationId()+"],fulfillon=["+obligation[j].getFulfillOn()+"]");
AttributeAssignment[] attribAssign=
obligation[j].getAttributeAssignment().getAttributeAssignmentArray();
for (int k = 0; k < attribAssign.length; k++) {
System.out.println("\t\t\t\t\tAttributeAssignment Details are
attributeid=["+attribAssign[k].getAttributeID()+"],attributeValue=["+
attribAssign[k].getValue()+"]");
Invoking getAuthorizedDecisions() Method in .NET:
the following is the sample code for using GetAuthorizedDecision method for .NET application:
Step 1 Initialize the AuthorizationService in the client side.
AuthorizationService service = new AuthorizationService();
service.Url = "http://localhost:9090/pdp/services/AuthorizationService";
Step 2 Construct the XACML request object.
XacmlRequest request = CreateXacmlRequest("policyAttributeUser", "Prime group:Prime
portal:Resource1","any",null,new string[]{"Default"},new string[]{"Global Context:Global
Context"});
private static XacmlRequest CreateXacmlRequest(String subject, String resource, String
action, Hashtable environment, String[] roleBundles, String[] contexts)
XacmlRequest request = null;
Step 3 Create subject
XACMLAttributeValue subjectAttributeValue = new XACMLAttributeValue();
subjectAttributeValue.type = "http://www.w3.org/2001/XMLSchema#string";
subjectAttributeValue.value = subject;
XACMLAttributeValue[] subjectAttributesValue = new XACMLAttributeValue[1];
subjectAttributesValue[0] = subjectAttributeValue;
XACMLAttribute subjectAttribute = new XACMLAttribute();
subjectAttribute.attribValue = subjectAttributesValue;
subjectAttribute.id = "urn:oasis:names:tc:xacml:1.0:subject:subject-id";
subjectAttribute.issuer = "requestor";
subjectAttribute.type = "http://www.w3.org/2001/XMLSchema#string";
XACMLAttribute[] subjectAttributes = new XACMLAttribute[1];
subjectAttributes[0] = subjectAttribute;
Subject[] subjects = new Subject[1];
Subject sub = new Subject();
sub.attributes = subjectAttributes;
sub.subjectCategory = "urn:oasis:names:tc:xacml:1.0:subject-category:access-subject";
Step 4 Create Resource
XACMLAttributeValue resourceAttributeValue = new XACMLAttributeValue();
resourceAttributeValue.value = resource;
resourceAttributeValue.type = "resource-id";
XACMLAttributeValue[] resourcesAttributesValue = new XACMLAttributeValue[1];
resourcesAttributesValue[0] = resourceAttributeValue;
XACMLAttribute resourceAttribute = new XACMLAttribute();
resourceAttribute.attribValue = resourcesAttributesValue;
resourceAttribute.id = "urn:oasis:names:tc:xacml:1.0:resource:resource-id";
resourceAttribute.issuer = "";
resourceAttribute.type = "http://www.w3.org/2001/XMLSchema#string";
XACMLAttribute[] resourcesAttributes = new XACMLAttribute[1];
resourcesAttributes[0] = resourceAttribute;
Resource[] resources = new Resource[1];
Resource res = new Resource();
res.attributes = resourcesAttributes;
Step 5 Create action
XACMLAttributeValue actionAttributeValue = new XACMLAttributeValue();
actionAttributeValue.value = action;
actionAttributeValue.type = "action-id";
XACMLAttributeValue[] actionsAttributesValue = new XACMLAttributeValue[1];
actionsAttributesValue[0] = actionAttributeValue;
XACMLAttribute actionAttribute = new XACMLAttribute();
actionAttribute.attribValue = actionsAttributesValue;
actionAttribute.id = "urn:oasis:names:tc:xacml:1.0:action:action-id";
actionAttribute.issuer = "";
actionAttribute.type = "http://www.w3.org/2001/XMLSchema#string";
XACMLAttribute[] actionsAttributes = new XACMLAttribute[1];
actionsAttributes[0] = actionAttribute;
Action act = new Action();
act.attributes = actionsAttributes;
numberOfKeys = numberOfKeys + 1;
if ((environment != null) &&
(!environment.Contains("urn:cisco:cepm:3.3:xacml:rolebundle-name")))
environment.Add("urn:cisco:cepm:3.3:xacml:rolebundle-name", "Default");
if ((contexts != null) && (contexts[0] != null))
numberOfKeys = numberOfKeys + 1;
if ((environment != null) &&
!environment.Contains("urn:cisco:cepm:3.3:xacml:context-name")))
environmnt.Add("urn:cisco:cepm:3.3:xacml:context-name", "Global Context:Global Context")
numberOfKeys = numberOfKeys + environment.Count;
XACMLAttribute[] environmentsAttributes = new XACMLAttribute[numberOfKeys]; ;
Step 6 Create environment.
foreach (DictionaryEntry entry in environment)
String key = entry.Key.ToString();
String value = entry.Value.ToString();
XACMLAttributeValue environmentAttributeValue = new XACMLAttributeValue();
environmentAttributeValue.value = value;
environmentAttributeValue.type = key;
XACMLAttributeValue[] environmentsAttributesValue = new XACMLAttributeValue[1];
environmentsAttributesValue[0] = environmentAttributeValue;
XACMLAttribute environmentAttribute = new XACMLAttribute();
environmentAttribute.attribValue = environmentsAttributesValue;
environmentAttribute.id = key;
environmentAttribute.issuer = "";
environmentAttribute.type = "http://www.w3.org/2001/XMLSchema#string";
environmentsAttributes[index] = environmentAttribute;
XACMLAttributeValue[] environmentsAttributesValue = new
XACMLAttributeValue[roleBundles.Length];
foreach (String roleBundle in roleBundles)
XACMLAttributeValue environmentAttributeValue = new XACMLAttributeValue();
environmentAttributeValue.value = roleBundle;
environmentAttributeValue.type = "http://www.w3.org/2001/XMLSchema#string";
environmentsAttributesValue[innerIndex++] = environmentAttributeValue;
XACMLAttribute environmentAttribute = new XACMLAttribute();
environmentAttribute.attribValue = environmentsAttributesValue;
environmentAttribute.id = "urn:cisco:cepm:3.3:xacml:rolebundle-name";
environmentAttribute.issuer = "";
environmentAttribute.type = "http://www.w3.org/2001/XMLSchema#string";
environmentsAttributes[index++] = environmentAttribute;
if ((contexts != null) && (contexts[0] != null))
XACMLAttributeValue[] environmentsAttributesValue = new
XACMLAttributeValue[contexts.Length];
foreach (String context in contexts)
XACMLAttributeValue environmentAttributeValue = new XACMLAttributeValue();
environmentAttributeValue.value = context;
environmentAttributeValue.type = "http://www.w3.org/2001/XMLSchema#string";
environmentsAttributesValue[innerIndex++] = environmentAttributeValue;
XACMLAttribute environmentAttribute = new XACMLAttribute();
environmentAttribute.attribValue = environmentsAttributesValue;
environmentAttribute.id = "urn:cisco:cepm:3.3:xacml:context-name";
environmentAttribute.issuer = "";
environmentAttribute.type = "http://www.w3.org/2001/XMLSchema#string";
environmentsAttributes[index++] = environmentAttribute;
TestPDPWsdl.PepClient.Environment env = new TestPDPWsdl.PepClient.Environment();
env.attributes = environmentsAttributes;
request = new XacmlRequest();
request.subjects = subjects;
request.resources = resources;
request.environment = env;
Step 7 Invoke getAuthorizedDecisions method to get the response.
XacmlResponse response = service.getAuthorizedDecision(request);
The following is the sample response code.
private static void GetAttributes(XacmlResponse response)
if(response.results!=null)
foreach(Result result in response.results)
Console.WriteLine("Decision [ " + decisions[result.decision] + " ]");
foreach(Obligation obligation in result.obligations)
foreach(AttributeAssignment attribute in obligation.attributeAssignment)
Console.WriteLine(attribute.attributeID + "\t\t\t\t\t"+attribute.value);
PdpServiceWsdl
PdpServiceWsdl is a non-WS-I compliant WSDL, which supports the following PEP methods:
•isUserAccessAllowed()
•getPermissibleResourcesForUser()
Using SoapUI tool, you can verify how the request and response are structured for the supported methods. To do this:
Step 1 Open the SoapUI tool.
Step 2 Add your project by selecting File > New SoapUI Project. A pop up window appears.
Step 3 In the pop up window, enter the project name.
Step 4 Add the WSDL URL in http://host:port/pdp/services/PDPService?wsdl format.
Note Replace the host name and port number arguments in the URL with the correct values corresponding to where you have deployed the PDP.
Step 5 Click OK. This adds the project in the tool and constructs the methods of the specified WSDL with the request and response structure. Expand the project name to see the WSDL name. You can see the supported method names by further expansion of the tree.
Step 6 To add a request, select a method and click Request. This adds the Request and Response frames in the tool window. The request frame contains the request in a predefined format.
Step 7 Enter the input parameter values. See Sample Request and Response Codes for sample request and response codes for the supported methods.
Step 8 Click Submit Request to Endpoint URL button to get the response for the above requests.
You can see the response in the right frame. See Sample Request and Response Codes for the supported methods.
Sample Request and Response Codes
isUserAccessAllowed Method
If you select isUserAccessAllowed method, which takes user, resource, and action as the input parameters, the request and response should look like -
Request -
<soapenv:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:soap="http://soap.listener.pdp.securent.net">
<soap:isUserAccessAllowed
soapenv:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
<subject xsi:type="xsd:string">test22</subject>
<resource xsi:type="xsd:string">Application
Group1:Application1:TestResource100</resource>
<action xsi:type="xsd:string">any</action>
</soap:isUserAccessAllowed>
Response -
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<ns1:isUserAccessAllowedResponse
soapenv:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"
xmlns:ns1="http://soap.listener.pdp.securent.net">
<isUserAccessAllowedReturn
xsi:type="xsd:boolean">true</isUserAccessAllowedReturn>
</ns1:isUserAccessAllowedResponse>
getPermissibleResourcesForUser Method
If you select getPermissibleResourcesForUser method, which takes user, resource, role bundle, and context as the input parameters, the request and response should look like -
Request -
<soapenv:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:soap="http://soap.listener.pdp.securent.net">
<soap:getPermissibleResourcesForUser
soapenv:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
<subject xsi:type="xsd:string">test22</subject>
<resourceName xsi:type="xsd:string">Application
Group1:Application1:TestResource100</resourceName>
<roleBundles xsi:type="xsd:string">Global:Default</roleBundles>
<context xsi:type="xsd:string">Global Context:Global Context</context>
</soap:getPermissibleResourcesForUser>
Response -
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<ns1:getPermissibleResourcesForUserResponse
soapenv:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"
xmlns:ns1="http://soap.listener.pdp.securent.net">
<getPermissibleResourcesForUserReturn soapenc:arrayType="xsd:string[4]"
xsi:type="soapenc:Array" xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/">
<getPermissibleResourcesForUserReturn
xsi:type="xsd:string">res101:res102:res103</getPermissibleResourcesForUserReturn>
<getPermissibleResourcesForUserReturn
xsi:type="xsd:string">res101:res102<</getPermissibleResourcesForUserReturn>
<getPermissibleResourcesForUserReturn
xsi:type="xsd:string">res101</getPermissibleResourcesForUserReturn>
</getPermissibleResourcesForUserReturn>
</ns1:getPermissibleResourcesForUserResponse>