How could i see in the webagent log or policy server logs the same smsession value issued to the browser after user authenticated from siteminder?
Apparently I could not see the smsession in the log which is issued in the browser infact i have seen sessionspec
You can find only SessionSpec and SessionID details in webagenttrace and policy server trace logs. And the SMSESSION cookie which is set in the browser will have multiple things involved and which is set by the web agent.
Please refer below KB's for more details on SMSESSION.
For security reasons, we have disabled logging the exact SMSESSION in any log.
This was previously available in the earlier version of CA SSO
I am wondering about why can't I see it now because I have seen in the version of SM6.x.Any ways clarified.Thanks.
Lets assume a user request a page for every 10 or 20 seconds after authentication,then every time the smession value will get updated in the browser?
It depends on SessionGracePeriod. If refreshed within grace period it won't update.
Every time the user request the resource,the browser sends the smsession to the webagent, but if you look in the Brower via fiddler/httpfox there will be many smessions accumulated during that user session.If again a new resource is requested by user, which smsssion the browser gonna send? Ideally browser should send the latest smsession but however there are many smsessions in browser, how does browser knows which one had to send?
There can only be one smsession cookie for any particular cookie domain at anytime. If you have more than one, you will need to fix that first. It's not expected.
SMSESSION cookie will be set to the domain (.ca.com), So if the request is having the matching domain like "xyz.ca.com" then browser will send SMSESSION cookie along with the request otherwise it wont send.
No, It wont get updated in the browser