000030242 - Test Web Services Description Language (WSDL) connectivity for RSA Authentication Manager 8.x

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support on Jan 8, 2020
Version 5Show Document
  • View in full screen mode

Article Content

Article Number000030242
Applies ToRSA Product Set: SecurID
RSA Product/Service Type: Authentication Manager 
RSA Version/Condition: 8.x
IssueThis article explains how to test Web Services Description Language (WSDL) connectivity for RSA Authentication Manager 8.x.

      ResolutionTo test WSDL,
      1. Enter the URL https://<fully_qualified_domain_name>:7002/ims-ws/services/CommandServer?wsdl into a supported web browser, where the <fully_qualified_domain_name> is replaced with the fully qualified domain name of your primary RSA Authentication Manager instance.
      2. The popup below displays:

      User-added image

      1. The required username and password can be found via the command line of the RSA Authentication Manager primary instance.
        1. Logon to the RSA Authentication Manager operating system with the rsaadmin account where you are connecting to WSDL
        2. Navigate to the /opt/rsa/am/utils folder as rsaadmin.
        3. Use the following commands to get the username and password required

      login as: rsaadmin
      Using keyboard-interactive authentication.
      Password: <enter operating system password>
      Last login: Wed Jan  8 16:14:09 2020 from jumphost.vcloud.local
      RSA Authentication Manager Installation Directory: /opt/rsa/am
      rsaadmin@am82p:~> cd /opt/rsa/am/utils
      rsaadmin@am82p:/opt/rsa/am/utils> ./rsautil manage-secrets -a list
      Please enter OC Administrator username: <enter Operations Console administrator name>
      Please enter OC Administrator password: <enter Operations Console administrator password>
      Secrets stored in ./etc/systemfields.properties.
      Command API Client User ID ............................: CmdClient_r06oo8sc
      Command API Client User Password ......................: idQl1P2AaphUEFrTe87Wbmz6KyOe8R
      SSL Server Identity Certificate Private Key Password ..: lBSeudmCmvYIlkeMHM4bkwstOdav8s
      SSL Server Identity Certificate Keystore File Password : xHZc6S9k1ZGLCLFWJLn9PyA7Uy3i6i
      Root Certificate Private Key Password .................: FoxETeO49g4fh6Cixbji7RGcPJrCqF
      Root Certificate Keystore File Password ...............: BB3aNkbU4uaEoNbURcTflnqd7Kcuna

      The "listkeys" action displays the key names to use when setting the values.

      1. At the prompt, enter the username and password captured above and press OK
      2. If the WSDL interface is working, the Authentication Manager instance will return an XML file, as in the example below:

      User-added image
      NotesImportant notes:
      • The Command Client User Name and Password cannot be changed, as it would cause serious issues if changed.
      • When the correct Command API Client User ID but a bad password is provided to WSDL an Error 401—Unauthorized is returned.
      • Authentication looping is due to incorrect logon credentials being provided.
      • For more info, check the RSA Authentication Manager Developer's Guide.
      • The RSA Authentication Manager SDK and RSA Authentication Manager Developer’s Guide are found in the rsa-am-extras-<version>.zip available via RSA SecurID Access Downloads on RSA Link.