Symantec Access Management

  • 1.  Response set HTTP variable from DB onAccessAccept

    Posted Apr 08, 2016 08:39 AM

    Hi,

    in our Siteminder environment we have both an Active Directory that an Oracle DB userstore defined.

    Our domain's realm and policy are configured to allow access to all users in both userstores.

    The application works correctly only if it recieves an HTTP header called LOGINID. This attribute is populated only in DB userstore.

     

    We would like to configure a response which sets onAccessAccept an HTTP-variable LOGINID, getting "LOGINID" attribute from Oracle DB userstore also if user is authenticated from AD.

    Is it possible to achieve the goal without using an "Active Response"?

     

    Any ideas would be appreciated!

    Best Regards



  • 2.  Re: Response set HTTP variable from DB onAccessAccept
    Best Answer

    Broadcom Employee
    Posted Apr 08, 2016 10:48 AM

    Are all user objects stored in both AD and ODBC?  You could configure a AuthAz Mapping (AD -> ODBC) in order to Az the user against ODBC and set an HTTP Response Header to pull the

    value from the ODBC attribute.

     

    You might want to discuss this with Global Delivery to see if SMWalker can achieve this goal. 

     

    There may not be enough detail to adequately answer this question at this point.



  • 3.  Re: Response set HTTP variable from DB onAccessAccept

    Posted Apr 18, 2016 02:54 AM

    Hi,

    yes this is the correct answer. We already tried to implement this but without success because in our version 12.52 sp1 there was a bug and there wasn't possible to do this mapping between AD and ODBC.

    After we have opened a case, CA released a .jar which solves the issue and now we're able to do this.