Specifications

8-92
Cisco CRS-1 Series Carrier Routing System XML API Guide
OL-4596-02
Chapter 8 Cisco CRS-1 Series XML Security
Retrieving Task Permissions
A client application requesting an operation through the XML interface must have the appropriate task
privileges enabled/assigned for any objects accessed in the operation:
<Get> operations require AAA read privileges.
<Set> and <Delete> operations require AAA write privileges.
The configuration services operations through configuration manager can also require the appropriate
predefined task privileges.
If an operation requested by a client application fails authorization, an appropriate <Error> element is
returned in the response sent to the client. For native data operations, the <Error> element is associated
with the specific element or object classes where the authorization error occurred.
Retrieving Task Permissions
A client applications capabilities and privileges in terms of task permissions are exposed by AAA
through command-line interface (CLI) show commands. A client application can also use the XML
interface to programatically retrieve the current AAA capabilities from the router. This retrieval can be
done by issuing the appropriate <Get> request to the <AAA> component.
The following example shows a request to retrieve all of the AAA configuration from the router:
Sample XLM Request to Retrieve AAA Configuration Information
<?xml version="1.0" encoding="UTF-8"?>
<Request MajorVersion="1" MinorVersion="0">
<Get>
<Configuration>
<AAA MajorVersion=”1” MinorVersion=”0”/>
</Configuration>
</Get>
</Request>
Sample XML Response from the Cisco CRS-1 Series Router
<?xml version="1.0" encoding="UTF-8"?>
<Response MajorVersion="1" MinorVersion="0">
<Get>
<Configuration>
<AAA MajorVersion=”1” MinorVersion=”0”>
.
.
.
AAA configuration returned here
.
.
.
</AAA>
</Configuration>
</Get>
</Response>