Source: http://www.symantec.com/vip-authentication-service
Symantec Validation and ID Protection Service is a leading cloud-based strong authentication service that enables enterprises to secure access to networks and applications while preventing access by malicious unauthorized attackers. A unified solution providing both two-factor and risk-based token-less authentication, VIP is based on open standards and can easily integrate into enterprise applications.
Symantec VIP Enterprise Gateway setup
NetIQ Access Manager Identity Server setup details
a) Create a user store, or use the configured default user store, depending on your requirements
b) Create a class, selecting Radius Class from the dropdown
c) In step 2 of configuring the RADIUS class, enter the required details
Testing the configuration
a) Install Symantec VIP credentials on a mobile device or on a desktop
b) Access the RADIUS contract and enter the user name, the secure code generated by the VIP credentials client, and the password (the password text box is shown only if the password requirement is enabled in the NAM configuration)
c) Submit the form
NetIQ Access Manager Identity Server setup details
Testing the configuration:
a) Install Symantec VIP credentials on a mobile device or on a desktop
b) Access the newly created contract and enter the user name and password; when asked for the token, enter the secure code generated by VIP credentials
c) Submit the form
Example TOTP verification code:
import java.rmi.RemoteException;
import com.verisign.vipuserservices.wsclient.AuthenticationServiceStub;
// CheckOtpResponse and CheckOtpResponseType are assumed to be imported from the same web-service client.

public static void validateUser() throws RemoteException
{
    // Client certificate (PKCS#12) that authenticates this caller to VIP User Services.
    // Example values only: keep the real file out of /tmp and the password out of source code.
    String pathToP12File = "/tmp/vip_cert.p12";
    String password = "password"; // password given while downloading cert
    System.setProperty("javax.net.ssl.keyStoreType", "pkcs12");
    System.setProperty("javax.net.ssl.keyStore", pathToP12File);
    System.setProperty("javax.net.ssl.keyStorePassword", password);

    AuthenticationServiceStub authServiceStub = new AuthenticationServiceStub(
        "https://userservices-auth.vip.symantec.com/vipuserservices/AuthenticationService_1_1");

    // Request wrapper and its payload
    AuthenticationServiceStub.CheckOtpRequest uReq = new AuthenticationServiceStub.CheckOtpRequest();
    AuthenticationServiceStub.CheckOtpRequestType otpReqType = new AuthenticationServiceStub.CheckOtpRequestType();
    uReq.setCheckOtpRequest(otpReqType);

    // Request id, made unique per call with the current time
    AuthenticationServiceStub.RequestIdType requestIdType = new AuthenticationServiceStub.RequestIdType();
    requestIdType.setRequestIdType("rqstId" + System.currentTimeMillis());

    // User whose credential is being checked
    AuthenticationServiceStub.UserIdType userType = new AuthenticationServiceStub.UserIdType();
    userType.setUserIdType("testuser1");

    // Secure code entered by the user
    AuthenticationServiceStub.OtpType otp = new AuthenticationServiceStub.OtpType();
    otp.setOtpType("770379");
    AuthenticationServiceStub.OtpAuthDataType otpType = new AuthenticationServiceStub.OtpAuthDataType();
    otpType.setOtp(otp);

    /*uReqType.setRequestId(requestIdType);
    uReqType.setUserId(userType);
    uReqType.setOtpAuthDataType()*/
    otpReqType.setUserId(userType);
    otpReqType.setRequestId(requestIdType);
    otpReqType.setOtpAuthData(otpType);

    // Send the request and print the service's verdict
    CheckOtpResponse checkOtpResponse = authServiceStub.checkOtp(uReq);
    CheckOtpResponseType checkOtpResponseType = checkOtpResponse.getCheckOtpResponse();
    System.out.println("Status : " + checkOtpResponseType.getStatus());
    System.out.println("Status message : " + checkOtpResponseType.getStatusMessage());
    System.out.println("Server detail message : " + checkOtpResponseType.getDetailMessage());
}
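The sample above hands the client certificate to the JVM through global system properties, with the keystore password in source and the file in /tmp. As an added example (not part of the original article or of any Symantec or NetIQ code), the loader below reads the same kind of PKCS#12 file into an SSLContext, taking the path and password from the environment and rejecting a file that accounts other than its owner can access. The class name and the variables VIP_P12_PATH and VIP_P12_PASSWORD are hypothetical, Java 11 or later on a POSIX file system is assumed, and whether a given SOAP client stack picks up the JVM default SSLContext is an assumption to confirm for your stub.

```java
import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.attribute.PosixFilePermission;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.util.Arrays;
import java.util.Set;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;

public final class VipClientTls {
    // Hypothetical variable names; any secret store that keeps the value out of source works.
    static final String PATH_ENV = "VIP_P12_PATH";
    static final String PASS_ENV = "VIP_P12_PASSWORD";
    // Builds a TLS context that presents the client certificate held in a PKCS#12 file.
    static SSLContext load(Path p12, char[] password) throws IOException, GeneralSecurityException {
        // Refuse a key file that group or other users can read, write or execute (POSIX only).
        Set<PosixFilePermission> perms = Files.getPosixFilePermissions(p12);
        if (perms.stream().anyMatch(p -> !p.name().startsWith("OWNER_"))) {
            throw new SecurityException(p12 + " is accessible beyond its owner: " + perms);
        }
        KeyStore ks = KeyStore.getInstance("PKCS12");
        try (InputStream in = Files.newInputStream(p12)) {
            ks.load(in, password);
        }
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(ks, password);
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(kmf.getKeyManagers(), null, null); // null trust managers: JVM default trust store
        return ctx;
    }

    public static void main(String[] args) throws Exception {
        String path = System.getenv(PATH_ENV);
        String pass = System.getenv(PASS_ENV);
        if (path == null || pass == null) {
            throw new IllegalStateException("set " + PATH_ENV + " and " + PASS_ENV);
        }
        char[] password = pass.toCharArray();
        try {
            SSLContext.setDefault(load(Path.of(path), password));
        } finally {
            Arrays.fill(password, '\0'); // drop our copy of the keystore password
        }
    }
}
```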