Basically if Authenticate against CA Single Sign On passes meaning your SM session is valid
siteminder.response.attribute.headerVar.siteminder.SESS_DEF_REASON will usually Returns the reason for an authentication or authorization failure (if failure occurred).
I can't think of anything else that need to be done as part of verification during the integration.
look here
Original Message:
Sent: 01-14-2020 06:25 AM
From: Pavansai C
Subject: How to validate smsession using CA API Gateway 9.2 Assertions?
Hi Ronald,
Reply: Have you set the SM configuration on CA API gateway ?-- Yes we have set it up already.
I am able to do the following operations using the CA Single-Sign-on assertions:
- Check Protected resource
- Authenticate the user (using username + password / existing smsession)
- Authorize the user using an existing single-sign-on smcontext.
How can we check whether smsession is a valid one or not?
Original Message:
Sent: 01-14-2020 05:56 AM
From: Ronald DSouza
Subject: How to validate smsession using CA API Gateway 9.2 Assertions?
Have you set the SM configuration on CA API gateway .
Set this and then you can check protected resource
https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-api-management/api-gateway/9-3/security-configuration-in-policy-manager/tasks-menu-security-options/manage-ca-single-sign-on-configurations/working-with-ca-single-sign-on.html
Original Message:
Sent: 01-14-2020 01:50 AM
From: Pavansai C
Subject: How to validate smsession using CA API Gateway 9.2 Assertions?
Hi Community,
How can we validate the siteminder smsession using the in CA API Gateway 9.2 assertions?
Please help.