Security Context : Custom Metrics on Security Context propagated by TIBCO ActiveMatrix Policy Manager

Custom Metrics on Security Context propagated by TIBCO ActiveMatrix Policy Manager
If you use TIBCO ActiveMatrix Policy Manager for Authentication policies and enable Security Context Propagation (see ActiveMatrix Policy Manager documentation for details), you can register custom metrics using ActiveMatrix Service Performance Manager to extract user information forwarded by the Policy.
Authentication Policy
If an authentication policy was applied in TIBCO ActiveMatrix Policy Manager, the user information is available in the Amberpoint User Information document.
Here is a snippet of the Amberpoint user information document:
<?xml version="1.0" encoding="UTF-8"?>
<ap:userInformation
    xmlns:ap="http://namespace.amberpoint.com/amf">
  <ap:userIdentity>pmuser</ap:userIdentity>
  <ap:userRoles />
  <ap:clientAddress>10.97.98.163</ap:clientAddress>
  <ap:claimedIdentity
      xmlns:ap="http://namespace.amberpoint.com/amf"
      authenticationMechanism="urn:oasis:names:tc:SAML:2.0:ac:classes:Password"
      authenticatorRef="AuthnProvider_794A62E4_9F3A_11DD_9CF5_76AFA2FFAA77"
      authenticationStatus="success"
      type="com.amberpoint.security.authn.identity.BaseClaimedIdentity"
      authenticationProviderHash="244139661">
    <ap:userIdentity>pmuser</ap:userIdentity>
    <ap:userRoles>
      <ap:role name="Accounting Managers"
          attributeInfoProviderRef="AttrInfoProvider_794A62E4_9F3A_11DD_9CF5_76AFA2FFAA77" />
      <ap:role name="SeanPMGroup2"
          attributeInfoProviderRef="AttrInfoProvider_794A62E4_9F3A_11DD_9CF5_76AFA2FFAA77" />
    </ap:userRoles>
    <ap:userAttributes />
  </ap:claimedIdentity>
</ap:userInformation>
You can write the following custom metric expressions to extract classifiers for the user name and role:
{{flow=input,document=userInformation}}//ap:userInformation/ap:userIdentity
{{flow=input,document=userInformation}}//ap:userInformation/ap:claimedIdentity/ap:userRoles/ap:role/@name
where the prefix 'ap' is associated with the namespace 'http://namespace.amberpoint.com/amf'.
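The following added example (not TIBCO's code or part of the original page) evaluates the two expressions above against a trimmed copy of the sample document, showing that the user expression matches only the top-level userIdentity and that the role names come from the nested claimedIdentity. The helper `evaluate`, the reading of the `document=` key as the name of the document to search, and the third expression on `authenticationStatus` are assumptions made for illustration; the `flow=` key is parsed but not used.

```python
import re
import xml.etree.ElementTree as ET

# Prefix map, matching the "ap" namespace association described above.
NS = {"ap": "http://namespace.amberpoint.com/amf"}

# Constructed sample: the page's userInformation snippet, trimmed to the
# fields the expressions touch.
USER_INFO = """<ap:userInformation xmlns:ap="http://namespace.amberpoint.com/amf">
  <ap:userIdentity>pmuser</ap:userIdentity>
  <ap:userRoles />
  <ap:claimedIdentity authenticationStatus="success">
    <ap:userIdentity>pmuser</ap:userIdentity>
    <ap:userRoles>
      <ap:role name="Accounting Managers" />
      <ap:role name="SeanPMGroup2" />
    </ap:userRoles>
  </ap:claimedIdentity>
</ap:userInformation>"""

# "{{flow=...,document=...}}" selector followed by an absolute XPath.
EXPRESSION = re.compile(r"^\{\{(?P<selector>[^{}]+)\}\}(?P<xpath>//.+)$")


def evaluate(expression, documents, ns=NS):
    """Return the values an expression selects (hypothetical helper)."""
    match = EXPRESSION.match(expression)
    if match is None:
        raise ValueError("not a {{selector}}//xpath expression: %r" % expression)
    selector = dict(part.split("=", 1) for part in match["selector"].split(","))
    xpath, _, attribute = match["xpath"].partition("/@")
    # ElementTree's "//" does not match the root itself, so hang the document
    # under a throwaway parent before searching.
    holder = ET.Element("holder")
    holder.append(ET.fromstring(documents[selector["document"]]))
    nodes = holder.findall("." + xpath, ns)
    if attribute:
        return [n.get(attribute) for n in nodes if n.get(attribute) is not None]
    return [(n.text or "").strip() for n in nodes]


DOCS = {"userInformation": USER_INFO}
PREFIX = "{{flow=input,document=userInformation}}//ap:userInformation"
USERS = evaluate(PREFIX + "/ap:userIdentity", DOCS)
ROLES = evaluate(PREFIX + "/ap:claimedIdentity/ap:userRoles/ap:role/@name", DOCS)
# Assumed expression in the same style (not on the page): authentication outcome.
STATUS = evaluate(PREFIX + "/ap:claimedIdentity/@authenticationStatus", DOCS)

if __name__ == "__main__":
    print(USERS, ROLES, STATUS)
```

Because the role expression returns one value per ap:role element, a user with several roles yields several classifier values for a single request.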
Custom Metrics Script Example
<CustomMetricBundle name="WASSPBookOrderCustomMetricBundle">
  <MonitoredObjectRef>
    <WASServiceOperation cellName="Machine1Cell01"
        applicationName="BookOrderServiceEAR"
        serviceName="BookOrderPT"
        moduleName="BookOrderService.war"
        serviceInterfaceName="BookOrderPT"
        operationName="orderBook">
    </WASServiceOperation>
  </MonitoredObjectRef>
  <NamespacePrefixMap>
    <MapEntry prefix="ns0" namespace="http://www.tibco.com/BookOrderService"/>
    <MapEntry namespace="http://namespace.amberpoint.com/amf" prefix="ap"/>
  </NamespacePrefixMap>
  <ClassifierCustomMetric name="User" displayName="User" xpath="{{flow=input,document=userInformation}}//ap:userInformation/ap:userIdentity">
    <NamespacePrefixOverrideMap/>
  </ClassifierCustomMetric>
  <ClassifierCustomMetric name="BookTitle" xpath="{{flow=input,document=input}}//ns0:orderBookRequest/bookName">
    <NamespacePrefixOverrideMap></NamespacePrefixOverrideMap>
  </ClassifierCustomMetric>
  <InstrumentCustomMetric name="QtyOrdered"
      xpath="{{flow=input,document=input}}//ns0:orderBookRequest/quantity"
      keepHistory="true" unit="USD" unitDisplayName="$">
    <NamespacePrefixOverrideMap></NamespacePrefixOverrideMap>
    <MetricFunction>sum</MetricFunction>
  </InstrumentCustomMetric>
</CustomMetricBundle>