Cisco Cisco Security Manager 4.5 Guia De Especificação
Cisco Security Manager 4.4 API Specification (Version 1.1)
OL- 29074-01
Page 173
8.5 Fetch CSM defined firewall policy
The following simple sample program implemented in java demonstrates a REST client that fetches the CSM
firewall policy as it is defined in the CSM UI. Use the following client.properties file (Change the gid value to
match the GID of a device in the server’s inventory) :
firewall policy as it is defined in the CSM UI. Use the following client.properties file (Change the gid value to
match the GID of a device in the server’s inventory) :
USER=admin
PASSWORD=admin
HOST=localhost
XML_REQUEST=<?xml version=\"1.0\" encoding=\"UTF-8\"?>\
<csm:policyConfigByDeviceGIDRequest xmlns:csm=\"csm\">\
<protVersion>1.0</protVersion>\
<reqId>123</reqId>\
<gid>00000000-0000-0000-0000-004294967307</gid>\
<policyType>DeviceAccessRuleFirewallPolicy</policyType>\
</csm:policyConfigByDeviceGIDRequest>
# Set LOGIN_REQUIRED to true if the URI supplied
# requires login to be done as a prerequisite.
LOGIN_REQUIRED=true
URI=https://localhost/nbi/configservice/getPolicyConfigById
PASSWORD=admin
HOST=localhost
XML_REQUEST=<?xml version=\"1.0\" encoding=\"UTF-8\"?>\
<csm:policyConfigByDeviceGIDRequest xmlns:csm=\"csm\">\
<protVersion>1.0</protVersion>\
<reqId>123</reqId>\
<gid>00000000-0000-0000-0000-004294967307</gid>\
<policyType>DeviceAccessRuleFirewallPolicy</policyType>\
</csm:policyConfigByDeviceGIDRequest>
# Set LOGIN_REQUIRED to true if the URI supplied
# requires login to be done as a prerequisite.
LOGIN_REQUIRED=true
URI=https://localhost/nbi/configservice/getPolicyConfigById
After compiling, use the following command to run the program:
Command Prompt> java RestClient <path_to_client.properties> [<uri>]
Class
RestClient.java
/**
* Sample Program to get access rules defined on a firewall as it appears in the
* CSM UI.
* CSM UI.
*/
import
java.io.ByteArrayInputStream;
import
java.io.IOException;
import
java.net.URI;
import
java.security.KeyManagementException;
import
java.security.NoSuchAlgorithmException;
import
java.security.SecureRandom;
import
java.security.cert.X509Certificate;
import
javax.net.ssl.SSLContext;
import
javax.net.ssl.TrustManager;
import
javax.net.ssl.X509TrustManager;
import
javax.xml.parsers.DocumentBuilder;
import
javax.xml.parsers.DocumentBuilderFactory;
import
org.apache.http.HttpEntity;
import
org.apache.http.HttpResponse;
import
org.apache.http.HttpStatus;
import
org.apache.http.StatusLine;
import
org.apache.http.client.ClientProtocolException;
import
org.apache.http.client.CookieStore;
import
org.apache.http.client.methods.HttpPost;
import
org.apache.http.conn.ClientConnectionManager;
import
org.apache.http.conn.scheme.Scheme;