Symantec Access Management

Is it possible to view response headers in browser?i tried using fiddler and http analyser,but i am unable to find the "smuser" header which is configured in the response. can anyone suggest how to view the headers?

i wonder if this something CA can provide to the community? it's a typical header dump that can be in jsp or php. the url we would use is http://support.ca.com/headerdump or something similar (https://communities.ca.com/web/ca-identity-and-access-mgmt-distributed-global-user-community/headerdump)

T.

Hi All,

I suspect this isn't a question related to the Security Distributed products. Questions related to the MyCA Community sites should be directed to the MyCA Feedback Community. We have folks on the team who address queries such as this. Hopefully that helps.

Thanks!
Chris

You can see all header generated in a browser by accessing a JSP/ASP/PHP or any page that will dump the headers.
You can find some samples on the web by googling ...
http://www.roseindia.net/jsp/request-header-jsp.shtml
http://www.plus2net.com/asp-tutorial/http-header.php
You will see headers like

HTTP_CACHE_CONTROL:no-cache
HTTP_CONNECTION:Keep-Alive
HTTP_CONTENT_LENGTH:0
HTTP_ACCEPT:image/gif, image/jpeg, image/pjpeg, application/x-ms-application, application/vnd.ms-xpsdocument, application/xaml+xml, application/x-ms-xbap, */*
HTTP_ACCEPT_ENCODING:gzip, deflate
HTTP_ACCEPT_LANGUAGE:en-us
HTTP_AUTHORIZATION:SiteMinder
HTTP_COOKIE:SMSESSION=xxxx
HTTP_HOST:xxxxx
HTTP_REFERER:xxxx
HTTP_USER_AGENT:Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; WOW64; Trident/4.0; SLCC1; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
HTTP_SERVER_PROTOCOL:HTTP/1.1
HTTP_SM_TRANSACTIONID:000080fe00000000ff565002370c86fe-1614-515bd6dc-14e0-03b06ea7
HTTP_REQUEST_METHOD:GET
HTTP_SM_SDOMAIN:.ca.com
HTTP_SM_REALM:protected
HTTP_SM_REALMOID:06-bc562e34-431d-448b-acb9-41a488ad9815
HTTP_SM_AUTHTYPE:Form
HTTP_SM_AUTHREASON:0
HTTP_SM_UNIVERSALID:u1
HTTP_SM_AUTHDIROID:0e-708076a1-a9f1-4445-bf4a-1924c8740616
HTTP_SM_AUTHDIRNAME:***
HTTP_SM_AUTHDIRSERVER:***
HTTP_SM_AUTHDIRNAMESPACE:LDAP:
HTTP_SM_USER:u1
HTTP_SM_USERDN:cn=u1,dc=ustore,dc=com
HTTP_SM_SERVERSESSIONID:GzZSs+9IALZ8u5NpSkKSDMm3bG0=
HTTP_SM_SERVERSESSIONSPEC:ukPWMESmaSIMYAkWgXB99D327OQfXFweu49u1tgpRtc4lqzbQPA/URlmkM7tigsgKj+qMd8PKqIy8d4mqcc47cpSUtTFwaMjM00kL4MMJYnHujH0f3wmt3t/oPlGeuq4NVJMaunnSYwF4fn9+13FHwUho4HvW+BDFv6LENqzqzCG9Tsrtki5L/QxnkmEOGaapZ2uYSQLxwKzmNFAK3dX2wxByT3ZfL8cc5V9APm+W+zLytNrsgFMEtZSMLlkXGifKG+/hiZOiTu/2Bcg5dY17RW77PN33dj8FYLOPo2c70W0ErSLQs3BVwRbikkfd9lpoJLrKIkw6RapwhH0YFVXzqVwjSOmrrmR+oYZkEtwC22PZcWTfk3p9ogkpJ/buNA9vM3JG9LhN7k=
HTTP_SM_TIMETOEXPIRE:7199
....

Hi Nitot,

This is the information what i want exactly. Thanks a lot.

Hi Nitot,

This is the information what i want exactly. Thanks a lot.

Is it possible to find thses headers using web debuggers tools like fiddler ,http analyser or some other tools without using the php code? Please let me know.

Is it possible to find thses headers using web debuggers tools like fiddler ,http analyser or some other tools without using the php code? Please let me know.

From my experience, I was not able to see those headers (Well know attributes populated by siteminder agent / policy server) in Fiddler ot other HTTP analyser tools. I always used either the test tool or and Header Dumper asp/jsp page to check the Header values.

You can try a Firefox add-ons named "Live Http Headers"

https://addons.mozilla.org/en-us/firefox/addon/live-http-headers/

I am already using Live HTTP Header ,but not able see the headers what we are passing from siteminder. Could you please guide me where we can find the http headers?

Hi,

It wont be in the SENT request.
Also, Fiddler and other Proxy based HTTP Trace tools are vastly superior to the Browser Frame plug in.

Use the Dump Page with the Proxy Based HTTP Trace.

Also, SiteMinder Web Agent Trace Logging will report "setting custom..." when setting values.

For more on the tracing, try this: https://support.ca.com/irj/portal/kbtech?docid=487843

Sincerely,
Josh Perlmutter
CA Technologies SiteMinder Support
SiteMinder Team Line: 800-CALL-CAI (225-5224)
My Working Hours: 8 AM to 4 PM US Eastern Time
Center Hours: 8 AM to 8 PM US Eastern Time