I'm Implementing the SecurID On-Demand-Authentication (basically sends an SMS). As Siteminder is concerned, it is the same as a Next Token Code... The user enters the UID+ PIN, SM returns the user to the FCC and requests the PIN again and next token (the code in the SMS received).
However, we want to prefill the PIN on the second phase so the user does not need to re-enter the UID and PIN again. I got the UID working via a Cookie no problem however I need to get the PIN working with the Siteminder FCC Substitution... Here is the clincher... if I use the directive :
With this, I can substitute the pin with $$pin$$... however the SecureID authScheme no longer receives the password and never gets passwrd the first phase... and I cannot add the attributes AL=... (as discussed in the Configure HTML Forms Authentication - CA Single Sign-On - 12.52 SP1 - CA Technologies Documentation ) because is is not the default FORMS auth scheme...
What I'm I missing... or is there another way to get the POST data substituted securelly ?
Any help is appreciated!
Give this a try : Tech Tip : CA Single Sign-On : Web Agent : Pre-fill username during step up authentication
Ujwol's Single Sign-On Blog
I cannot use any of the SAVE functions because they create cookies, and the PIN to sensitive to put in a cookie... I do use a cookies for passing the username.
I am not absolutely clear of the requirement probably.
Anyway, may be also refer to this and see if it could be of any help :
Tech Tip : CA Single Sign-On :Policy Server:How to collect additional attribute using custom authentication