Symantec Access Management

Expand all | Collapse all

Prefil PIN for SecurID ODA

  • 1.  Prefil PIN for SecurID ODA

    Posted 01-11-2017 01:50 PM

    I'm Implementing the SecurID On-Demand-Authentication (basically sends an SMS). As Siteminder is concerned, it is the same as a Next Token Code... The user enters the UID+ PIN,  SM returns the user to the FCC and requests the PIN again and next token (the code in the SMS received). 

     

    However, we want to prefill the PIN on the second phase so the user does not need to re-enter the UID and PIN again.  I got the UID working via a Cookie no problem however I need to get the PIN working with the Siteminder FCC Substitution... Here is the clincher... if I use the directive :

     

    @password=password=%password%&pin=%password%

     

    With this, I can substitute the pin with $$pin$$...  however the SecureID authScheme no longer receives the password and never gets passwrd the first phase... and I cannot add the attributes AL=... (as discussed in the Configure HTML Forms Authentication - CA Single Sign-On - 12.52 SP1 - CA Technologies Documentation )  because is is not the default FORMS auth scheme...

     

    What I'm I missing... or is there another way to get the POST data substituted securelly ?

     

    Any help is appreciated!



  • 2.  Re: Prefil PIN for SecurID ODA

    Posted 01-11-2017 09:28 PM


  • 3.  Re: Prefil PIN for SecurID ODA

    Posted 01-12-2017 09:01 AM

    Thanks Ujwol, 

     

    Saddly,

    I cannot use any of the SAVE functions because they create cookies, and the PIN to sensitive to put in a cookie... I do use a cookies for passing the username.

     

    Regards,

    Glenn



  • 4.  Re: Prefil PIN for SecurID ODA

    Posted 01-12-2017 07:55 PM

    Hi Glenn,

     

    I am not absolutely clear of the requirement probably.

     

    Anyway, may be also refer to this and see if it could be of any help :

    Tech Tip : CA Single Sign-On :Policy Server:How to collect additional attribute using custom authentication 

     

    Regards,

    Ujwol