This section describes how to integrate AquaLogic Enterprise Security with AquaLogic Enterprise Repository. It includes the following topics:
You can use AquaLogic Enterprise Repository to manage ALES policy data as ALER assets. By integrating ALER with ALES, you can:
Note: | While the ALER console allows direct modification of data in an ALES Policy Asset, it is recommended that policy changes first be made in ALES and then imported into ALER. See Importing/Exporting Policy Data Between ALES and ALER. |
To manage ALES policies with ALER:
Follow these steps to set the required import/export properties in ALER:
To manage ALES policies in ALER, the ALES Policy asset type must be imported in ALER. This asset type defines ALES metadata, such as privileges, policy, resources, and resource attributes. Follow these steps:
ALES_ADMIN_HOME/data/aler
and select the appropriate ALES Policy Asset Type zip file. Then click Next twice.
ALES 2.6—ales_policy-asset-type.zip
ALES 3.0—ales_policy-asset-type-3.0.0.zip
ALES Policy Asset Type
appears in the Type Manager.
The ALER Asset Editor displays ALES Policy Assets in the following tabs (see Figure 7-3):
ALER maintains version information for its assets. ALES Policy Assets use version numbers in the format N.N (1.0, for example). When importing ALES Policy Assets into ALER for the first time, the version number is set to 1.0. When you subsequently import the same assets, the version number increments by 1. You can also modify the version number of an asset within ALER.
The policyIX utility can perform direct import/export of policy asset data between ALES and ALER or it can generate files that can be used to import and export in separate steps.
PolicyIX makes use of configuration files for imports/exports with ALER. For details, see Import/Export Configuration Files for ALER.
For more information about policyIX itself, see PolicyIX in the ALES Administration Reference
To export policy assets directly to ALER, run policyIX with the -exportToALER
option:
policyIX -exportToALER <config_file>
To export the data to ALER using a file:
policyIX -exportToALER <config_file> <file_name>
To import directly into ALES from ALER, use the -importFromALER
option:
policyIX -importFromALER <config_file>
This section describes the configuration files used for imports/exports between ALES and ALER.
Note: | Further information about configuration files used with PolicyIX can be obtained by examining a sample file (ALES_ADMIN_HOME /config/policyIX_config.xml ) or by consulting
PolicyIX: config.xml in the ALES Administration Reference guide. |
The configuration file uses XML syntax to specify required ALER information.
<aler_property name="<property_name>" value=”<value>”/>
server_version
—ALER Server version (2.6 or 3.0)server_url
—ALER connection URLusername
—user name for connecting to ALERuserPassword
—user passwordassetName
—name of the assetassetDescription
—description of the assetimportAssetVersion
—Asset version to import; valid only if the -importFromALER
option is used in the policyIX command.
Listing 7-1 shows the contents of an example file:
<aler_configuration>
<aler_property name="server_version" value=”3.0”/>
<aler_property name="server_url"
value=http://123.43.32.3546:7101/aler/services/FlashlineRegistry/>
<aler_property name="userName" value="admin"/>
<aler_property name="userPassword" value="tan66kds9"/>
<aler_property name="assetName" value="MyALESPolicy"/>
<aler_property name="assetDescription" value="AnALES Policy asset"/>
<aler_property name="importAssetVersion" value="2"/>
</aler_configuration>