Symantec Access Management

 View Only
  • 1.  Issue with Agent API -> Federation Single Sign On

    Posted Nov 17, 2015 08:59 PM

    Hi,

      We are trying to achieve one requirement. This is our requirement :

    1) We have one application which will use agent API for authenticating the user.

    2)After user authentication, the same session will be used for federation to generate SAML response.

    3)When the user access federation, it should not ask for credentials. The federation manager should take the sm session cookie generated while authenticating user using Agent API.

     

     

    Now our issue:

     

     

    We authenticated the user using agent api. We are using same realm for both federation and Agent API authentication.

     

     

    We created one Test.java class and authenticated a user using agent API. We got the smsession from the policy server after successful authentication.

     

     

    We inserted the smsession which we got from Agent API authentication in a browser and accessed the federation URL. But we are asked for authentication.(Which is  not expected as per the requirement )

     

     

    We tested in the reverse manner authenticated a user using federation manager and took the cookie from the browser and inserted it in java code. We are getting the SML response successfully.

     

     

    We cannot trace the issue with the smsession cookie. Please guide us how to debug and fix the issue



  • 2.  Re: Issue with Agent API -> Federation Single Sign On
    Best Answer

    Posted Nov 18, 2015 12:44 PM

    Rahul rahulk.s

     

    Have you tried setting AcceptTPCookie in the Agent Configuration Object of the WebAgent which is intended to accept Cookies generated from AgentAPI Code.

     

    https://wiki.ca.com/display/sm1252sp1/Single+Sign-on+with+the+Agent+API

     

    _SM--AcceptTPCookie_363964 - CA Single Sign-On - 12.52 SP1 - CA Technologies Documentation

     

     

     

    Regards

     

    Hubert



  • 3.  Re: Issue with Agent API -> Federation Single Sign On

    Posted Nov 19, 2015 02:52 PM

    Great Help!! Thank you so much. Issue is resolved.