I'm using feature and, as expected, the HTTP_Header variables are changed based on the destination User Store, HTTP_SM_UNIVERSALID included, but HTTP_SM_USER and REMOTE_USER (I need both) are not updated (they preserve the original value of the first login).
Following an example:
<first login against AD_example.com user-store with a user with username = grusconi>
REMOTE_USER = grusconi HTTP_SM_UNIVERSALID = grusconiHTTP_SM_AUTHDIRNAME = AD_dummy.comHTTP_SM_USER = grusconi
<then switch to a domain with user-store ApacheDS_example.com where the related validated mapped user has username = 0000001>
REMOTE_USER = grusconi HTTP_SM_UNIVERSALID = 0000001HTTP_SM_AUTHDIRNAME = ApacheDS_example.comHTTP_SM_USER = grusconi
<...I would like HTTP_SM_USER and REMOTE_USER have always the same value of HTTP_SM_UNIVERSALID>
You can create custom response to override the values:
thanks it works for SM_USER but it doesn't for REMOTE_USER; any help for that?
For Remote_USER , please set ACO RemoteUserVar
Yes, I have already set in the ACO parameter SetRemoteUser = yes
otherwise the REMOTE_USER header variable would not be set.
The issue is that it is not updated and SiteMinder response configuration allows me to set HTTP_REMOTE_USER and not the real REMOTE_USER variable.
<result>REMOTE_USER = grusconi HTTP_REMOTE_USER = 0000001HTTP_SM_USER = 0000001
SetRemoteUser & RemoteUserVar are two different ACO.
I was asking to set the later one.
you are absolutely right, my apologies and thanks for the solution provided.
Just a added note, for REMOTE_USER we should not create a RESPONSE called REMOTE_USER in WAM UI Response. It should work purely based of the ACO Parameter SetRemoteUser & RemoteUserVar.
Yep, I think customer understands that. That was just an attempt to override its value.