The concept of request integration refers to the process of replacing the hard-coded user names and passwords in an application with Credential Manager credential requests. This application is a “requesting application” or “requestor.”
The request integration process involves the following steps:
Follow these steps:
.cspmclientrcfile or set up the environment variables that are contained within the file. The
.cspmclientrcfile is located in:
cspmclient.jarfile to the build path. This allows Eclipse to compile your application. See the procedure that is described in Set Up Eclipse for A2A Integration.
Use the following procedure to add the cspmclient.jar file to the build path.
Follow these steps:
$CSPM_CLIENT_HOME/cspmclient/libfolder and select the following files:
"Request integration" is the process of modifying your existing requestor to use Credential Manager to retrieve credential information instead of using hard-coded user names and passwords.
Integration methods for implementing the credential request are described in Integrate Applications with the Credential Manager A2A Client.
Typically, when you integrate your application or script with the A2A client, you use the cached version of the credential. However, the supplied credentials only give the requestor access to the data if the A2A client cache is up-to-date. The following algorithm uses the cached credentials for the first login attempt. If the login fails the A2A client cache is overridden, credentials are retrieved directly from the CA Privileged Access Manager appliance, and a second login is attempted. By using the cached credentials for the first login attempt, you help reduce the load on the CA Privileged Access Manager appliance and improve performance. However, the tradeoff is potentially incurring a failed login attempt if the cached credential has gone stale.
A failed login attempt can trigger an auditable security incident and possibly an account lockout condition if the number of failed login attempts exceeds the maximum that the policy allows.