A customer would like to use the API Gateway infrastructure to create a specific service (a specific path serves by the API Gateway) to expose a web application and protect it with CA Single Sing-On (aka SiteMinder).
In particular, following the requirements:
1. the API Gateway acts as a reverse-proxy only for a particular served path (e.g. https://<api-gtw-fqdn>/app123)
2. the API Gateway acts as a SiteMinder WebAgent for the same path to autheticate the user access to that resource with CA Single Sign-On and proxy the unreached HTTP header with SiteMinder responses
Is is possible? In case, any doc and/or assertion pack still exists?
API gateway is quite good at those tasks.
For reverse proxy, please refer to,
Publish Reverse Web Proxy - CA API Gateway - 9.4 - CA Technologies Documentation
For SSO siteminder, please refer to,
Working with CA Single Sign-On - CA API Gateway - 9.4 - CA Technologies Documentation
The implementation details would rely on your env.