This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements

SecurID® Discussions

Browse the SecurID discussion board to get product help and collaborate with other SecurID users.
LukaKodric
Trusted Contributor
Trusted Contributor
‎2016-11-30 05:31 AM

Python app & SecurID

Jump to solution

Hi

 

What would you suggest would be the easiest way to integrate python app with SecurID ?

 

Regards

Luka

Labels (1)
Labels
0 Likes
Reply
1 Solution

Accepted Solutions
JochenHoffmann
Occasional Contributor
Occasional Contributor
‎2016-12-01 03:14 AM

Jump to solution

Hi Luka,

 

for local (cron) scripting, we use Python (better: Jython) scripts stored at the RSA SecurID Primary. For remote management of RSA SecurID, you have to define an SecurID Administrative Role, apply this to a dedicated service user and establish an application trust referring the Service user account.

 

Next, there are several API calls available in order to establish the two way trust with the Primary Authentication Manager Server - see Authentication Manager SDK documentation:  https://community.rsa.com/docs/DOC-44845.

 

Hoping, this helps somehow. When it comes to the RSA AM SDK, there not as many sample codes / snippets available out there ...

View solution in original post

Reply
8 Replies
TedBarbour
Employee
Employee
‎2016-11-30 07:23 AM

Jump to solution

Hi Luka - can you describe what you mean by integration?

Do you mean adding SecurID authentication using the authentication agent API or integrating user/token management functions using the Authentication Manager API or…?

 

Ted

Reply
LukaKodric
Trusted Contributor
Trusted Contributor
In response to TedBarbour
‎2016-11-30 08:00 AM

Jump to solution

I mean the second thing:

Integrating user/token management functions using the Authentication Manager API. Basically integrating current web app written in Python with SecurID AM for auth, management etc..

0 Likes
Reply
JochenHoffmann
Occasional Contributor
Occasional Contributor
‎2016-12-01 03:14 AM

Jump to solution

Hi Luka,

 

for local (cron) scripting, we use Python (better: Jython) scripts stored at the RSA SecurID Primary. For remote management of RSA SecurID, you have to define an SecurID Administrative Role, apply this to a dedicated service user and establish an application trust referring the Service user account.

 

Next, there are several API calls available in order to establish the two way trust with the Primary Authentication Manager Server - see Authentication Manager SDK documentation:  https://community.rsa.com/docs/DOC-44845.

 

Hoping, this helps somehow. When it comes to the RSA AM SDK, there not as many sample codes / snippets available out there ...

Reply
TedBarbour
Employee
Employee
In response to LukaKodric
‎2016-12-01 12:18 PM

Jump to solution

There are several possibilities including our out of the box support for Jython, calling Java from Python or calling SOAP web services from Python.  I've asked our development group if they have any specific suggestions.

 

As a start, have you downloaded the RSA Authentication Manager SDK (documentation and sample code)?

It is part of the Extras file that you can get to via the RSA Authentication Manager DOWNLOADS->ADDITIONAL DOWNLOADS button on of this site.

 

 

 

Reply
PiersB
Trusted Contributor Trusted Contributor
Trusted Contributor
‎2016-12-01 12:58 PM

Jump to solution

Hi Luka,

Jochen's response right-on. You'll want to look at using Jython and the AM Administrative SDK. You should be able to use this combination to accomplish the functionality you're looking to implement.

Reply
JochenHoffmann
Occasional Contributor
Occasional Contributor
In response to TedBarbour
‎2016-12-02 01:59 AM

Jump to solution

Yeah, there's also SOAP web Services available w/ AM - I forgot about that. We tested that earlier but couldn't make it work, finally. But that was some years ago with AM 7.1 and may have changed of course.

 

So, give it a try if this fits your requirements and possibilities - why not?!  I do think, it's some kind'a easier doing as you don't have to think of all that API calls with their individual requirements and parameters.

 

That's out of your focus as you asked for Python implementation. Additionally there's AMBA (Authentication Manager Bulk Administration). AMBA scripts are called using rsautil, but is bound to local execution afaik (I don't think, this changed with AM 8.1/8.2?). AMBA supports most of bulk Administration Tasks using Input / Output files for automation purposes: Token assignments, Token / User security Domain moves ... As RSA introduced AM 8.2, they decided to make AMBA available without additional costs. With AM 8.1 you have to buy a dedicated AMBA license. Compared to Jython API, AMBA scripting is easier as there're pre-defined Action commands.

 

With AM 8.1 / 8.2 documentation, there's an AMBA User Guide available, which may be a good starting Point for you, too.

 

 

Have a nice Weekend then,

Jochen.  

Reply
LukaKodric
Trusted Contributor
Trusted Contributor
‎2016-12-02 05:40 AM

Jump to solution

Thank you for all responses. Will forward this to our developers

0 Likes
Reply
TedBarbour
Employee
Employee
In response to JochenHoffmann
‎2016-12-02 09:23 AM

Jump to solution

Good point that you could call command line programs from python code.  This could be executing the AMBA utility or a Jython script.

Jython provides the most capability (basically anything that can be done in the Security Console can be done programmatically).  AMBA is somewhat simpler to use but offers a more limited set of capabilities.

0 Likes
Reply
© 2023 RSA Security LLC or its affiliates. All rights reserved.