Symantec Access Management

Tech Tip : CA Single Sign-On : AutoAuthorizeOptions Agent Configuration Object parameter

  • 1.  Tech Tip : CA Single Sign-On : AutoAuthorizeOptions Agent Configuration Object parameter

    Posted 05-22-2018 07:08 AM

    Question:


    What is the AUTOAUTHORIZEOPTIONS ACO parameter?

    When and why has it been introduced?

    Answer:


    The AUTOAUTHORIZEOPTIONS ACO parameter has been introduced with
    Webagent 6QMR5CR21 to enforce Sharepoint integration.

    It can also be used with standard Webagent to open office document
    when another login box pops up even if the user has already
    authenticated.

     

    It prevents the use of persistant cookies for this specific scenario.

    AutoAuthorizeOptions="Yes", informs the Web Agent to auto authorize a
    request where the method of the request is "OPTIONS" as opposed to
    "GET", "PUT", "POST", etc...

     

    To illustrate :

    Configure the Web Agent ACO as :

     

    AutoAuthorizeOptions="Yes"

     

    then the request with the Action as Options :

     

    Request :

    OPTIONS /mywebsite HTTP/1.1

    Response :

    HTTP/1.1 200 OK

     

    Further reading to handles other Action as HEAD, PROPFIND, etc.

     

    Allow Automatic Access to Resources that use the OPTIONS Method

     

    https://docops.ca.com/ca-single-sign-on/12-8/en/configuring/web-agent-configuration/single-sign-on-cookie-domains-and-web-agents/configure-web-agent-single-sign-on-settings

     

    KB : KB000051284