Symantec Access Management

Expand all | Collapse all

CA SSO re(stepup)Authentcate without UserName

  • 1.  CA SSO re(stepup)Authentcate without UserName

    Posted 11-13-2018 04:44 AM

    Hi,

    I'm looking for a way ( .fcc/.sec file) which will allow me to do re or stepup authentication for already Authenticated user.

    I have tried couple of custom .fcc but it fails when I don't send any username to it, works fine when username is entered, however as user is already logged in , we don't want user to enter username again.

     

    -

    Rohit



  • 2.  Re: CA SSO re(stepup)Authentcate without UserName

    Broadcom Employee
    Posted 11-15-2018 08:34 PM


  • 3.  Re: CA SSO re(stepup)Authentcate without UserName

    Posted 11-15-2018 11:12 PM

    mutas02

    Thanks for the response.

     

    Currently I'm using html and shtml to post username and password on fcc .

     

    for this I'm using below FCC code which I got from another post from CA community,

    <!-- SiteMinder Encoding=UTF-8; -->
    @username=%USER%
    @smretries=0

    to capture username 2nd time currently I'm using SSI on shtml so thats working now, however it might get rejected in infosec review.

     

     

    I tried the solution you have suggested.

    1st html .obp.html is posting creds to "embeddedLogin.fcc"
    code of "embeddedLogin.fcc"

     

    <!-- SiteMinder Encoding=UTF-8; -->
    @username=%USER%
    @smretries=0
    @save=USER

     

    can login, no issues.

     

    2nd shtml page to enter password only is obp_otp.shtml posts on embeddedLogin1.fcc

    code of embeddedLogin1.fcc

     

    <!-- SiteMinder Encoding=UTF-8; -->
    @username=$$USER$$
    @smretries=0

    Login is failing.

     

    This is first time I'm trying to create fcc, so not very sure about these configs.