Layer7 API Management

Hi Community,

How can we validate the siteminder smsession  using the in CA API Gateway 9.2 assertions?

Please help.

Have you set the SM configuration on CA API gateway .

Set this and then you can check protected resource

https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-api-management/api-gateway/9-3/security-configuration-in-policy-manager/tasks-menu-security-options/manage-ca-single-sign-on-configurations/working-with-ca-single-sign-on.html
Original Message:
Sent: 01-14-2020 01:50 AM
From: Pavansai C
Subject: How to validate smsession using CA API Gateway 9.2 Assertions?

Hi Community,

How can we validate the siteminder smsession  using the in CA API Gateway 9.2 assertions?

Please help.

Hi Ronald,

Reply: Have you set the SM configuration on CA API gateway ?-- Yes we have set it up already.

I am able to do the following operations using the CA Single-Sign-on assertions:

• Check Protected resource
• Authenticate the user (using username + password / existing smsession)
  
• Authorize the user using an existing single-sign-on smcontext.

Original Message:
Sent: 01-14-2020 05:56 AM
From: Ronald DSouza
Subject: How to validate smsession using CA API Gateway 9.2 Assertions?

Have you set the SM configuration on CA API gateway .

Set this and then you can check protected resource

https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-api-management/api-gateway/9-3/security-configuration-in-policy-manager/tasks-menu-security-options/manage-ca-single-sign-on-configurations/working-with-ca-single-sign-on.html
Original Message:
Sent: 01-14-2020 01:50 AM
From: Pavansai C
Subject: How to validate smsession using CA API Gateway 9.2 Assertions?

Hi Community,

How can we validate the siteminder smsession  using the in CA API Gateway 9.2 assertions?

Please help.

Basically if Authenticate against CA Single Sign On passes meaning your SM session is valid 
siteminder.response.attribute.headerVar.siteminder.SESS_DEF_REASON will usually Returns the reason for an authentication or authorization failure (if failure occurred).

I can't think of anything else that need to be done as part of verification during the integration.
look here
Original Message:
Sent: 01-14-2020 06:25 AM
From: Pavansai C
Subject: How to validate smsession using CA API Gateway 9.2 Assertions?

Hi Ronald,

Reply: Have you set the SM configuration on CA API gateway ?-- Yes we have set it up already.

I am able to do the following operations using the CA Single-Sign-on assertions:

• Check Protected resource
• Authenticate the user (using username + password / existing smsession)
  
• Authorize the user using an existing single-sign-on smcontext.

How can we check whether smsession is a valid one or not?

Original Message:
Sent: 01-14-2020 05:56 AM
From: Ronald DSouza
Subject: How to validate smsession using CA API Gateway 9.2 Assertions?

Have you set the SM configuration on CA API gateway .

Set this and then you can check protected resource

https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-api-management/api-gateway/9-3/security-configuration-in-policy-manager/tasks-menu-security-options/manage-ca-single-sign-on-configurations/working-with-ca-single-sign-on.html
Original Message:
Sent: 01-14-2020 01:50 AM
From: Pavansai C
Subject: How to validate smsession using CA API Gateway 9.2 Assertions?

Hi Community,

How can we validate the siteminder smsession  using the in CA API Gateway 9.2 assertions?

Please help.