Layer 7 API Management

Expand all | Collapse all

How to validate smsession using CA API Gateway 9.2 Assertions?

Jump to Best Answer
  • 1.  How to validate smsession using CA API Gateway 9.2 Assertions?

    Posted 01-14-2020 01:51 AM
    Hi Community,

    How can we validate the siteminder smsession  using the in CA API Gateway 9.2 assertions?

    Please help.


  • 2.  RE: How to validate smsession using CA API Gateway 9.2 Assertions?

    Posted 01-14-2020 05:57 AM
    Have you set the SM configuration on CA API gateway .

    Set this and then you can check protected resource

    https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-api-management/api-gateway/9-3/security-configuration-in-policy-manager/tasks-menu-security-options/manage-ca-single-sign-on-configurations/working-with-ca-single-sign-on.html


  • 3.  RE: How to validate smsession using CA API Gateway 9.2 Assertions?

    Posted 01-14-2020 06:25 AM
    Hi Ronald,

    Reply: Have you set the SM configuration on CA API gateway ?-- Yes we have set it up already.

    I am able to do the following operations using the CA Single-Sign-on assertions:

    • Check Protected resource
    • Authenticate the user (using username + password / existing smsession)
    • Authorize the user using an existing single-sign-on smcontext.
    How can we check whether smsession is a valid one or not?



  • 4.  RE: How to validate smsession using CA API Gateway 9.2 Assertions?
    Best Answer

    Posted 01-14-2020 06:48 AM
    Basically if Authenticate against CA Single Sign On passes meaning your SM session is valid
    siteminder.response.attribute.headerVar.siteminder.SESS_DEF_REASON will usually Returns the reason for an authentication or authorization failure (if failure occurred).

    I can't think of anything else that need to be done as part of verification during the integration.
    look here