Layer7 API Management

Expand all | Collapse all

What is the difference between "Basic User Authentication using CA Single Sign-On" and "Basic User Authentication via HTTP cookie using CA Single Sign-On"?

  • 1.  What is the difference between "Basic User Authentication using CA Single Sign-On" and "Basic User Authentication via HTTP cookie using CA Single Sign-On"?

    Posted 02-28-2017 07:35 AM

    Hi,

    I tried to add assertions required for both cases(Basic User Authentication using CA Single Sign-On and Basic User Authentication via HTTP cookie using CA Single Sign-On) in different APIs. In my case, both are working in same way meaning in both cases steps followed:

    1. Hit the URL for first time and it asked for credentials then provided API response

    2. Hit the URL again and it didn't ask for credentials and provided API response

    and I feel in second case(Basic User Authentication via HTTP cookie using CA Single Sign-On), it is not even setting cookie variable. Can you please clarify if I am doing it in some other way.My understanding is in Basic User Authentication using CA Single Sign-On, it should always ask for credentials whenever I call the API and in Basic User Authentication via HTTP cookie using CA Single Sign-On, it should check if authentication is done before or not and if user is authenticated before, it should use cookie. 



  • 2.  Re: What is the difference between "Basic User Authentication using CA Single Sign-On" and "Basic User Authentication via HTTP cookie using CA Single Sign-On"?

    Posted 04-21-2017 05:57 PM

    Good afternoon,

     

    Depending on whether the policy has the logic to check for SMSESSION Cookie first before the HTTP Authentication then ensure that it is setting the cookie back to the client. Example of the policy layout is in the

    Basic User Authentication via HTTP Cookie using CA Single Sign-On Assertions section -

    https://docops.ca.com/ca-api-gateway/9-2/en/security-configuration-in-policy-manager/tasks-menu-security-options/manage-ca-single-sign-on-configurations/working-with-ca-single-sign-on

     

    Sincerely,

     

    Stephen Hughes

    Director, CA Support