000029083 - How to go about setting up the RSA SecurID Authentication Agent API 8.5 on a Linux operating system

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000029083
Applies To
RSA Product SetSecurID
RSA Product/Service TypeAuthentication Agent API
RSA Version/Condition8.5
PlatformLinux
Platform (Other)Java
O/S Version 
Product Name 
Product DescriptionAuthentication Agent API
IssueAfter setting up the RSA SecurID Authentication Agent API 8.5 the following message is seen in the log file:
Can't create api: com.rsa.authagent.authapi.AuthAgentException: Error in initial AuthnReq/Rsp for serverTime.Error in processing Authn request: Could not generate DH keypair
com.rsa.authagent.authapi.AuthAgentException: com.rsa.authagent.authapi.AuthAgentException: Error in initial AuthnReq/Rsp for serverTime.Error in processing Authn request: Could not generate DH keypair
        at com.rsa.authagent.authapi.AuthSessionFactory.a(AuthSessionFactory.java)
        at com.rsa.authagent.authapi.AuthSessionFactory.getInstance(AuthSessionFactory.java)
        at sample.AuthUser.<init>(AuthUser.java:32)
        at sample.AuthUser.main(AuthUser.java:62)

 
ResolutionRSA SecurID Authentication Agent API 8.5 samples code setup on a Linux platform:

 
1.A folder called /sandbox was created on the Linux platform under a user account
    
2.Java Development Kit (JDK) 7 was downloaded from URL http://www.oracle.com/technetwork/java/javase/downloads/jdk7-downloads-1880260.html and unpacked into the /sandbox/java folder
    
3.Java Cryptography Extension (JCE) is required by the RSA SecurID Authentication Agent API 8.5 and the correct version of JCE was downloaded from URL http://www.oracle.com/technetwork/java/javase/downloads/jce-7-download-432124.html.
    
   Renamed /sandbox/java/jdk1.7.0/jre/lib/security/US_export_policy.jar and /sandbox/java/jdk1.7.0/jre/lib/security/local_policy.jar files to have a new extension of OLD.
    
   The new JCE US_export_policy.jar & local_policy.jar files were copied into the /sandbox/java/jdk1.7.0/jre/lib/security folder
    
4.NOTE: missing this step causes the issue above.
    
   A change is required in the <JDKHOME>/jre/lib/security/java.security file to include the RSA JCE and JSSE providers
    
   Updated the list of providers in the /sandbox/java/jdk1.7.0/jre/lib/security/java.security file as shown: 
  



#
# List of providers and their preference orders (see above):
#
security.provider.1=com.rsa.jsafe.provider.JsafeJCE
security.provider.2=com.rsa.jsse.JsseProvider
security.provider.3=sun.security.provider.Sun
security.provider.4=sun.security.rsa.SunRsaSign
security.provider.5=sun.security.ec.SunEC
security.provider.6=com.sun.net.ssl.internal.ssl.Provider
security.provider.7=com.sun.crypto.provider.SunJCE
security.provider.8=sun.security.jgss.SunProvider
security.provider.9=com.sun.security.sasl.Provider
security.provider.10=org.jcp.xml.dsig.internal.dom.XMLDSigRI
security.provider.11=sun.security.smartcardio.SunPCSC

#
# Select the source of seed data for SecureRandom. By default an



  
5.Downloaded the RSA SecurID Authentication Agent API 8.5 product from URL https://knowledge.rsasecurity.com/scolcms/set.aspx?id=10222 (release notes are available at URL https://knowledge.rsasecurity.com/docs/rsa_securid/authentication/SDK8.5(pandora)/Java_rel_notes_8.5.pdf).
    
   Copied the AuthSDK_Java_v8.5.0_1148_03_28_14_07_05_15.tar file into the /sandbox/java and unpacked this file with the tar xvf command (e.g. tar xvf AuthSDK_Java_v8.5.0_1148_03_28_14_07_05_15.tar).
    
6.A folder called /sandbox/agentAPI85test was created.
    
   Three new folders were created in the /sandbox/agentAPI85test folder:
    
  
FolderAction
codeIn readiness for the compiled Java (class files location)
sampleCopied AceStatus.javaAuthUser.javabuild.xmlNewPinSession.java & NextCodeSession.java and the io subfolder with ConsoleIO.java
libCopied authapi-8.5.jarcommons-logging-1.1.1.jarcryptoj-6.1.jarlog4j-1.2.12rsa-1.jar & xmlsec-1.5.5.jar into this folder

    
   Example; showing the files in their folder locations:
  
[root@linux agentAPI85test]# ls -l
total 14544
drwxr-xr-x 6 bellm1 bellm1     4096 Mar 28  2014 AuthSDK_Java_v8.5.0_1148_03_28_14_07_05_15
-rw-r--r-- 1 bellm1 bellm1 14812160 Nov 18 12:31 AuthSDK_Java_v8.5.0_1148_03_28_14_07_05_15.tar
drwxr-xr-x 3 bellm1 bellm1     4096 Nov 18 17:16 code
-rwxrwxr-x 1 bellm1 bellm1      749 Nov 18 14:41 compile.sh
drwxr-xr-x 2 bellm1 bellm1     4096 Nov 18 12:33 lib
-rw-rw-r-- 1 bellm1 bellm1    16688 Nov 18 17:54 my_api_events.log
-rwxr-xr-x 1 bellm1 bellm1     3053 Nov 18 17:45 rsa_api.properties
-rwxr-xr-x 1 bellm1 bellm1      291 Nov 18 17:19 rsa_api.properties.OLD
-rwxr-xr-x 1 bellm1 bellm1      486 Nov 18 17:07 run.sh
drwxr-xr-x 3 bellm1 bellm1     4096 Nov 18 17:21 sample
-rwxr-xr-x 1 bellm1 bellm1     2759 Nov 18 12:42 sdconf.rec
[root@linux agentAPI85test]# cd lib
[root@linux lib]# ls -l
total 3476
-rwxr-xr-x 1 bellm1 bellm1  390024 Nov 18 12:33 authapi-8.5.jar
-rwxr-xr-x 1 bellm1 bellm1   60686 Nov 18 12:33 commons-logging-1.1.1.jar
-rwxr-xr-x 1 bellm1 bellm1 2105145 Nov 18 12:33 cryptoj-6.1.jar
-rwxr-xr-x 1 bellm1 bellm1  333059 Nov 18 12:33 log4j-1.2.12rsa-1.jar
-rwxr-xr-x 1 bellm1 bellm1  639055 Nov 18 12:33 xmlsec-1.5.5.jar
[root@linux lib]# cd ../sample
[root@linux sample]# ls -l
total 36
-rwxr-xr-x 1 bellm1 bellm1  600 Nov 18 12:34 AceStatus.java
-rwxr-xr-x 1 bellm1 bellm1 5207 Nov 18 12:34 AuthUser.java
-rwxr-xr-x 1 bellm1 bellm1 4616 Nov 18 12:34 build.xml
drwxrwxrwx 2 bellm1 bellm1 4096 Nov 18 13:11 io
-rwxr-xr-x 1 bellm1 bellm1 5714 Nov 18 12:34 NewPinSession.java
-rwxr-xr-x 1 bellm1 bellm1  812 Nov 18 12:34 NextCodeSession.java
[root@linux sample]#

  
7.Copied sdconf.rec and rsa_api.properties into the /sandbox/agentAPI85test folder
    
   The configuration file sdconf.rec can be downloaded from the Security Console > Access > Authentication Agents > Generate Configuration File
    
   An example copy of rsa_api.properties: 
  
#                                    RSA Authentication API v8.5 Properties

#             Configuring the rsa_api.properties file is optional.You can configure an agent name
#             and the location of the sdconf.rec file. If you do not configure an agent name, the
#             host name becomes the agent name.If you do not configure location for bootstrap.xml
#             and config.xml,the files will reside in the sdconf.rec location.

#Note: For windows,"\\" has to be used as a path separator.

#       Provide the Agent Name - default value is FQDN of authentication host
RSA_AGENT_NAME=RSA_AUTHSDK_AGENT

#   Provide the Agent Type - default value is 'UnKnown'
#RSA_AGENT_TYPE=RSA_WEB_AGENT

#   Provide the Agent Version - default value is 'UnKnown'
#RSA_AGENT_VERSION = 7.1

#       Provide the Agent Platform - default value is 'UnKnown'
#RSA_AGENT_PLATFORM = Windows_Server_2012

#       Path to sdconf.rec file
#   For Windows, C:\\WINDOWS\\system32\\sdconf.rec
#   For Unix,   /var/ace/api/sdconf.rec
SDCONF_LOC=/sandbox/agentAPI85test/sdconf.rec

#   Path to the Authentication Manager optional configuration file
#   For Windows,C:\\WINDOWS\\system32\\sdopts.rec
#   For unix,/usr/ace/api/sdopts.rec
SDOPTS_LOC=/sandbox/agentAPI85test/sdopts.rec

#   Location of the Authentication Manager node secret file(Agent Credential)
#   For Windows,C:\\WINDOWS\\system32\\securid
#   For Unix,  /var/adm/ace/api/securid
SDNDSCRT_LOC=/sandbox/agentAPI85test/securid

#       [This section is for event logger.]
#       Logs event messages to the console.
#   Possible values YES/NO [Default "NO"], Valid only if RSA_LOG_LEVEL is not set to OFF.
RSA_LOG_TO_CONSOLE=NO

#   Logs event messages to a file.
#   Possible values YES/NO [Default "YES"], Valid only if RSA_LOG_LEVEL is not set to OFF.
RSA_LOG_TO_FILE=YES

#   Name of the log file. Valid only if RSA_LOG_TO_FILE is set to YES.
#   For Windows, C:\\WINDOWS\\system32\\my_api_events.log
#   For Unix,   /var/ace/api/my_api_events.log
RSA_LOG_FILE=/sandbox/agentAPI85test/my_api_events.log

#       Minimum severity level allowed to log.
#   OFF, DEBUG, INFO, WARN, ERROR, or FATAL, The default value is INFO.
RSA_LOG_LEVEL=INFO

#   Maximum size the Log file is allowed
RSA_LOG_FILE_SIZE=1MB

#   Number of backup log files to maintain
RSA_LOG_FILE_COUNT=10

#   Connection timeout for server connection in seconds. Default value will be taken from config.xml
RSA_CONNECTION_TIMEOUT=60

#   Read timeout for server connection in seconds. Default value will be taken from config.xml
RSA_READ_TIMEOUT=60

#   Directory in which AgentName specific configuration files are stored such as config.xml,bootstrap.xml,root.cer
#   For windows, C:\\Agents\\Artifacts\\
#   For Unix, /var/api/securid/artifacts/
RSA_CONFIG_DATA_LOC=

#   The default encryption key wrapping algorithm list. Format: <ALG>/<KEYBYTES>
#   Note that currently AES-128(AES/16) is preferable to either AES-192(AES/24) or AES-256(AES/32).
RSA_ENC_ALGLIST=AES/16,AES/24,AES/32

  
  
    
8.In the /sandbox/agentAPI85test folder two shell scripts are created called compile.sh and run.sh.
  
   NOTE: comment out the echo lines to remove the system variables being displayed during usage. Leaving the echo lines in the two shell scripts will aid towards troubleshooting problems with the shell script.
    
   compile.sh
  
JDK_HOME=/sandbox/java/jdk1.7.0
echo $JDK_HOME

LIBDIR=./lib
echo $LIBDIR

CLASSPATH=$LIBDIR/authapi-8.5.jar
CLASSPATH=$CLASSPATH:$LIBDIR/commons-logging-1.1.1.jar
CLASSPATH=$CLASSPATH:$LIBDIR/cryptoj-6.1.jar
CLASSPATH=$CLASSPATH:$LIBDIR/log4j-1.2.12rsa-1.jar
CLASSPATH=$CLASSPATH:$LIBDIR/xmlsec-1.5.5.jar
CLASSPATH=$CLASSPATH:./code
echo $CLASSPATH

$JDK_HOME/bin/javac -classpath $CLASSPATH -d ./code ./sample/io/ConsoleIO.java

$JDK_HOME/bin/javac -classpath $CLASSPATH -d ./code ./sample/NewPinSession.java
$JDK_HOME/bin/javac -classpath $CLASSPATH -d ./code ./sample/NextCodeSession.java
$JDK_HOME/bin/javac -classpath $CLASSPATH -d ./code ./sample/AceStatus.java

$JDK_HOME/bin/javac -classpath $CLASSPATH -d ./code ./sample/AuthUser.java

   run.sh
  
AVA_HOME=/sandbox/java/jdk1.7.0/jre/bin
echo $JAVA_HOME

LIBDIR=./lib
echo $LIBDIR

CLASSPATH=$CLASSPATH:$LIBDIR/authapi-8.5.jar
CLASSPATH=$CLASSPATH:$LIBDIR/commons-logging-1.1.1.jar
CLASSPATH=$CLASSPATH:$LIBDIR/cryptoj-6.1.jar
CLASSPATH=$CLASSPATH:$LIBDIR/log4j-1.2.12rsa-1.jar
CLASSPATH=$CLASSPATH:$LIBDIR/xmlsec-1.5.5.jar
CLASSPATH=$CLASSPATH:./code
echo $CLASSPATH

$JAVA_HOME/java -classpath $CLASSPATH sample.AuthUser
#$JAVA_HOME/java -classpath $CLASSPATH sample.AceStatus
#Comment out the sample.AuthUser line and uncomment sample.AceStatus (depending on requirements)

  
9. 
   Running the compile.sh shell script places the class files into the code folder
  
[bellm1@linux agentAPI85test]$ ./compile.sh
/sandbox/java/jdk1.7.0
./lib
./lib/authapi-8.5.jar:./lib/commons-logging-1.1.1.jar:./lib/cryptoj-6.1.jar:./lib/log4j-1.2.12rsa-1.jar:./lib/xmlsec-1.5.5.jar:./code
[bellm1@linux agentAPI85test]

   Example; showing the file and folder structure for /sandbox/agentAPI85test/code folder after the compile:
  
[bellm1@linux code]$ ls -lR
.:
total 4
drwxrwxr-x 3 bellm1 bellm1 4096 Nov 18 17:16 sample

./sample:
total 20
-rw-rw-r-- 1 bellm1 bellm1  708 Nov 18 18:33 AceStatus.class
-rw-rw-r-- 1 bellm1 bellm1 3293 Nov 18 18:33 AuthUser.class
drwxrwxr-x 2 bellm1 bellm1 4096 Nov 18 17:16 io
-rw-rw-r-- 1 bellm1 bellm1 3441 Nov 18 18:33 NewPinSession.class
-rw-rw-r-- 1 bellm1 bellm1  733 Nov 18 18:33 NextCodeSession.class

./sample/io:
total 4
-rw-rw-r-- 1 bellm1 bellm1 1729 Nov 18 18:33 ConsoleIO.class
[bellm1@linux code]$

   Running the run.sh shell script
  
[bellm1@linux agentAPI85test]$ ./run.sh
/sandbox/java/jdk1.7.0/jre/bin
./lib
:./lib/authapi-8.5.jar:./lib/commons-logging-1.1.1.jar:./lib/cryptoj-6.1.jar:./lib/log4j-1.2.12rsa-1.jar:./lib/xmlsec-1.5.5.jar:./code
Non-validating Trust Manager (Accepts all servers)
Can't create api: com.rsa.authagent.authapi.AuthAgentException: Exception processing configuration data Exception processing configuration data Agent RSA_AUTHSDK_AGENT is not registered on the server
com.rsa.authagent.authapi.AuthAgentException: com.rsa.authagent.authapi.AuthAgentException: Exception processing configuration data Exception processing configuration data Agent RSA_AUTHSDK_AGENT is not registered on the server
        at com.rsa.authagent.authapi.AuthSessionFactory.a(AuthSessionFactory.java)
        at com.rsa.authagent.authapi.AuthSessionFactory.getInstance(AuthSessionFactory.java)
        at sample.AuthUser.<init>(AuthUser.java:32)
        at sample.AuthUser.main(AuthUser.java:62)
[bellm1@linux agentAPI85test]$

   Opps.. I forgot to add the Authentication Agent record to the authentication manager primary instance Security Console.
  
   The error “Can't create api: com.rsa.authagent.authapi.AuthAgentException: Exception processing configuration data Exception processing configuration data Agent RSA_AUTHSDK_AGENT is not registered on the server” is expected as the sample code has reached out to the authentication manager and not found an authentication agent host called RSA_AUTHSDK_AGENT listed (as defined by the rsa_api.properties file).
    
   After setting up an Authentication Agent record called RSA_AUTHSDK_AGENT in the authentication manager primary instance Security Console the following output is seen:
  
[root@linux agentAPI85test]# ./run.sh
/sandbox/java/jdk1.7.0/jre/bin
./lib
:./lib/authapi-8.5.jar:./lib/commons-logging-1.1.1.jar:./lib/cryptoj-6.1.jar:./lib/log4j-1.2.12rsa-1.jar:./lib/xmlsec-1.5.5.jar:./code
Username: rsatest
Passcode: 12345678
Passcode Accepted
Authentication successful
Continue? [y/n] n
[root@linux agentAPI85test]#

  
   Log information from the configured log file my_api_events.log where INFO data was captured:
  
successful[2014-11-19 15:55:12,459] FATAL main - RSA Authentication API for Java v8.5.0.0.0[1148] started
[2014-11-19 15:55:12,462] INFO main - /sandbox/agentAPI85test/sdopts.rec doesn't exist
[2014-11-19 15:55:12,462] INFO main - /sandbox/agentAPI85test/securid doesn't exist
[2014-11-19 15:55:12,670] INFO main - {AgentCryptoJProvider.getJSafeType} CryptoJ.jar is in classpath, using that to invoke Non-FIPS version of JSafe functions
[2014-11-19 15:56:06,881] INFO main - {AuthSessionFactory} Initializing Configuration data
[2014-11-19 15:58:13,204] INFO main - {setServerLoadBalanceInfo} dynamic (response time based) load balancer selected
[2014-11-19 15:58:13,204] INFO main - RSA_CONFIG_DATA_LOC not set, defaulting to current directory
[2014-11-19 15:58:13,208] INFO main - Updating the retry count to totalServers-1
[2014-11-19 15:58:13,208] INFO main - MaxRetry: 0 Total Servers: 1
[2014-11-19 15:58:13,516] INFO main - isDNSScanEnabled:false
[2014-11-19 15:58:13,519] INFO main - isDNSScanEnabled:false
[2014-11-19 15:58:13,520] INFO main - isDNSScanEnabled:false
[2014-11-19 15:58:13,521] INFO main - {Realmconfig.updateVersionInfoFromSdconf} Sdconf length = 2759
[2014-11-19 15:58:13,541] INFO main - {AgentConfigHandler::processLoadBalancingSettings}Dynamic Load balancing chosen
[2014-11-19 15:58:13,541] INFO main - {AgentConfigHandler.enumerateServerList} Resolving host: lisa.csau.ap.rsa.net
[2014-11-19 15:58:13,541] INFO main - {AgentConfigHandler.enumerateServerList} adding address: 10.32.27.33
[2014-11-19 15:58:13,542] INFO main - {AgentConfigHandler.enumerateServerList} Resolving host: marge.csau.ap.rsa.net
[2014-11-19 15:58:13,542] INFO main - {AgentConfigHandler.enumerateServerList} adding address: 10.32.27.39
[2014-11-19 15:58:13,542] INFO main - {AgentConfigHandler.enumerateServerList} Resolving host: homer.csau.ap.rsa.net
[2014-11-19 15:58:13,542] INFO main - {AgentConfigHandler.enumerateServerList} adding address: 10.32.27.38
[2014-11-19 15:58:13,542] INFO main - {AgentConfigHandler::processLoadBalancingSettings}Enumerating Avoid hostnames list
[2014-11-19 15:59:38,163] INFO main - {setServerLoadBalanceInfo} dynamic (response time based) load balancer selected
[2014-11-19 15:59:38,163] INFO main - MaxRetry: 2 Total Servers: 3
[2014-11-19 15:59:38,186] INFO main - Connection object: ServerConnection [ serviceType=CONFIG, serviceURL=http://10.32.27.39:5500/Services/ConfigService, conn=null]
[2014-11-19 15:59:38,266] INFO main - isDNSScanEnabled:false
[2014-11-19 15:59:38,268] INFO main - isDNSScanEnabled:false
[2014-11-19 15:59:38,269] INFO main - isDNSScanEnabled:false
[2014-11-19 15:59:38,270] INFO main - {Realmconfig.updateVersionInfoFromSdconf} Sdconf length = 2759
[2014-11-19 15:59:38,283] WARN main - Connection timeout value in rsa_api.properties is invalid, using the default value
[2014-11-19 15:59:38,284] INFO main - {AgentConfigHandler.initializeConfig} using server-configured connect timeout: 10
[2014-11-19 15:59:38,284] INFO main - {AgentConfigHandler.initializeConfig} using client-configured read timeout: 60
[2014-11-19 15:59:38,284] INFO main - {AuthSessionFactory} Invoking MessageKey Service to negotiate key
[2014-11-19 16:00:14,940] INFO main - MaxRetry: 2 Total Servers: 3
[2014-11-19 16:00:15,693] INFO main - MaxRetry: 2 Total Servers: 3
[2014-11-19 16:00:15,699] INFO main - staring key negotiation. Connection: ServerConnection [ serviceType=MSGKEY, serviceURL=http://10.32.27.38:5500/Services/MessageKeyService, conn=null]
[2014-11-19 16:00:16,311] INFO main - key negotiation complete. KID=d2191d3d261b200a1b1824f3d9050ceb-1acddd90a5895083 Expires: Thu Nov 20 00:00:16 EST 2014
[2014-11-19 16:00:16,379] INFO main - processRequest: AUTHN
[2014-11-19 16:00:16,420] INFO main - {AgentAuthnHandler.processAuthnRequest} authnResponse is <?xml version="1.0" encoding="UTF-8" standalone="yes"?><authn:AuthnResponse InResponseTo="05f62cd22abcf084" ID="2113e13a6ba28ff1" xmlns:gen="http://www.rsa.com/schemas/2008/05/CommonAPI/authentication-generic" xmlns:xmime="http://www.w3.org/2005/05/xmlmime" xmlns:authn="http://www.rsa.com/schemas/2008/05/CommonAPI/authentication" xmlns:ws-i18n="http://www.w3.org/2005/09/ws-i18n" xmlns:stat="http://www.rsa.com/schemas/2008/05/CommonAPI/status"><authn:Status Status="http://www.rsa.com/schemas/2008/05/CommonAPI/authentication/status/Continue"/><authn:MethodChoice><authn:Method ID="4c3b2f723da50dc8" Class="http://www.rsa.com/schemas/2008/05/CommonAPI/authentication/classes/Generic" Type="http://www.rsa.com/schemas/2008/05/CommonAPI/authentication/methods/OTP"><authn:Payload xsi:type="gen:ResponsePayloadType" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"><gen:Subject ID="12459785-f882-4aef-9168-2829eae50642"><gen:Label>User ID:</gen:Label></gen:Subject><gen:StaticText>RSA SecurID Authentication</gen:StaticText><gen:EditText MaxLength="128" Masked="true" ID="B2E9FC5F-8001-4874-9F4F-67056B637F22"><gen:Label>Passcode:</gen:Label></gen:EditText></authn:Payload></authn:Method><authn:Method ID="b8bbf96cf42aa1aa" Class="http://www.rsa.com/schemas/2008/05/CommonAPI/authentication/classes/EAP" Type="http://www.rsa.com/schemas/2008/05/CommonAPI/authentication/methods/EAP32"><authn:Payload xsi:type="gen:ResponsePayloadType" ns7:MaxIterationCount="2000" ns7:MinPepperLength="1" ns7:MaxPepperLength="2" ns7:MinIterationCount="1000" ns7:RealmID="vlvhWoGQRsC4kgg5931AZg==" xmlns:ns7="eap" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"/></authn:Method></authn:MethodChoice><authn:Attributes><authn:Attribute DataType="xs:string" AttributeType="ServerTime"><authn:AttributeValue>1416373216414</authn:AttributeValue></authn:Attribute></authn:Attributes></authn:AuthnResponse>
[2014-11-19 16:00:16,432] INFO main - {Ace8Session} Server selected for Authentication: http://10.32.27.38:5500/Services/AuthnService
[2014-11-19 16:02:01,680] INFO main - MaxRetry: 2 Total Servers: 3
[2014-11-19 16:02:01,692] INFO main - processRequest: AUTHN
[2014-11-19 16:02:01,737] INFO main - {processAuthnRequest} authnResponse is <?xml version="1.0" encoding="UTF-8" standalone="yes"?><authn:AuthnResponse InResponseTo="adebcf162f0eb71f" ID="9dabadbc427b6200" xmlns:gen="http://www.rsa.com/schemas/2008/05/CommonAPI/authentication-generic" xmlns:xmime="http://www.w3.org/2005/05/xmlmime" xmlns:authn="http://www.rsa.com/schemas/2008/05/CommonAPI/authentication" xmlns:ws-i18n="http://www.w3.org/2005/09/ws-i18n" xmlns:stat="http://www.rsa.com/schemas/2008/05/CommonAPI/status"><authn:Status Reason="http://www.rsa.com/schemas/2008/05/CommonAPI/authentication/reasons/OK" Status="http://www.rsa.com/schemas/2008/05/CommonAPI/authentication/status/Complete"><stat:Message>Authentication Succeeded</stat:Message></authn:Status><authn:RequestContext ID="ae0d94577e7bdf40"/><authn:ResponseContext/><authn:Attributes><authn:Attribute DataType="xs:string" AttributeType="UserShell"><authn:AttributeValue></authn:AttributeValue></authn:Attribute></authn:Attributes></authn:AuthnResponse>
[2014-11-19 16:02:01,739] INFO main - {processAuthnRequest} ID verfications passed

   NOTE: marge.csau.ap.rsa.net, homer.csau.ap.rsa.net and lisa.csau.ap.rsa.net are authentication manager instances (where marge.csau.ap.rsa.net is the primary instance)
  
  
   After the first successful authentication a new folder called RSA_AUTHSDK_AGENT appears in the /sandbox/agentAPI85test folder.
  
   Contents of the 
/sandbox/agentAPI85test/RSA_AUTHSDK_AGENT folder:
  
[bellm1@linux RSA_AUTHSDK_AGENT]$ ls -l
total 20
-rw-r--r-- 1 root   root   1904 Nov 19 15:38 bootstrap.xml
-rw-r--r-- 1 root   root   1904 Nov 19 12:42 bootstrap.xml_backup
-rw-rw-r-- 1 bellm1 bellm1 5336 Nov 19 08:34 config.xml
-rw-rw-r-- 1 bellm1 bellm1  922 Nov 19 08:34 root.cer
[bellm1@linux RSA_AUTHSDK_AGENT]$

  

Attachments

    Outcomes