Forum Discussion
AltostratusUsing RSA SecurID for authentication and authorization
Hello, I am wondering if it possible to use APM with RSA SecurID for access authentication and authorization. I have no issues to configure the RSA server for authentication only. However, I am not sure how to retrieve the RSA group membership or similar attributes to check if the current user can access a particular resource?
The APM manual says that the session variable session.securid.last.attr.$attr_name should contain some values of the RSA attributes.
Where can I find the attribute list that can be retrieved in this way? Has anyone already tried to use RSA for authorization?
Thank you
2 Replies
Arnaud_LemaireEmployee
It's up to your deployment if you are using local database or another source for user configuration in RSA. the easiest way should be to test, and having a look to the report menu in APM listing session variables for active sessions. there you can see all attributes sent by AAA.
EastCoast_16835For anyone else who has the similar challenge ...
The only way to manage authorisations is to enable the RADIUS protocol on RSA and set RADIUS profiles with specific attributes for users instead of RSA groups. It seems that there is no way to get RSA group membership directly via the RSA client built into APM.
