Symantec Access Management

  • 1.  How to read a cookie and reject a request

    Posted Jan 03, 2019 03:36 PM



    We have a situation where we have to reject a user request or send them back to the login page if a particular cookie exists in the browser.


    1. Log in to the website

    2. Browse various pages, and a specific cookie is created on a specific page (e.g. badcookie)

    3. If the user tries to go to the next page in a different browser (having badcookie in the browser), the user should be forced to go to the same page where the user was, or forced to kill the SMSESSION.


    Please let me know if the scenario is clear or if you need more information.

  • 2.  Re: How to read a cookie and reject a request

    Posted Jan 04, 2019 10:38 AM



    I think this is something that needs to be handled at / by application code. You could code this up at Page Load to look at all Cookies and check for a cookie named "badCookie". If it exists, then call the CA SSO Logout URL, which would cleanly wipe off the SMSESSION Cookie and also, if SStore is configured (i.e. Persistent Session), mark the Session in the SStore as logged out. I'd not kill the SMSESSION Cookie, as this may not clean the validity of the SMSESSION in SStore. If you do not use Persistent Session via SStore, then killing the cookie forcibly would be an option.
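The page-load check described in reply 2, sketched as server-side JavaScript (an added example, not part of the original posts and not SiteMinder code). `LOGOUT_URL` is a placeholder for whatever path your deployment uses as the CA SSO logout URL, and matching the marker name case-insensitively is an assumption made because the thread spells it both `badcookie` and `badCookie`.

```javascript
// Added example: names below are placeholders, not SiteMinder APIs.
const MARKER_COOKIE = "badcookie";  // marker cookie name from the thread
const LOGOUT_URL = "/logout.html";  // assumed path standing in for the CA SSO logout URL

// Parse a raw Cookie request header into a Map of name -> value.
function parseCookies(header) {
  const jar = new Map();
  if (!header) return jar;
  for (const part of header.split(";")) {
    const eq = part.indexOf("=");
    if (eq < 0) continue;                       // skip malformed pairs without '='
    const name = part.slice(0, eq).trim();
    let value = part.slice(eq + 1).trim();
    if (value.length >= 2 && value.startsWith('"') && value.endsWith('"')) {
      value = value.slice(1, -1);               // strip optional surrounding quotes
    }
    if (name && !jar.has(name)) jar.set(name, value);  // first occurrence wins
  }
  return jar;
}

// True only when a cookie is *named* like the marker; values are ignored.
function hasMarker(jar) {
  for (const name of jar.keys()) {
    if (name.toLowerCase() === MARKER_COOKIE) return true;
  }
  return false;
}

// Decide what to do with one request before the page is rendered.
function gateRequest(cookieHeader, url) {
  const jar = parseCookies(cookieHeader);
  if (!hasMarker(jar)) return { action: "allow" };
  const path = String(url).split("?")[0];
  if (path === LOGOUT_URL) return { action: "allow" };  // do not redirect the logout page to itself
  // Send the browser to the logout URL so the session is ended there,
  // rather than deleting SMSESSION by hand in the application.
  return { action: "redirect", status: 302, location: LOGOUT_URL, hadSession: jar.has("SMSESSION") };
}

// Node-style handler showing where the check sits in the request path.
function handle(req, res, next) {
  const d = gateRequest(req.headers.cookie, req.url);
  if (d.action !== "redirect") return next();
  res.writeHead(d.status, { Location: d.location });
  res.end();
}
```
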

  • 3.  Re: How to read a cookie and reject a request

    Posted Jan 07, 2019 12:41 PM

    Hi HubertDennis, this means we don't have any out-of-the-box functionality to read a cookie and take an action in Siteminder? If this is not out-of-the-box functionality, then we will have to reach out to multiple teams to implement the reading and taking action, which is a little difficult.

  • 4.  Re: How to read a cookie and reject a request

    Broadcom Employee
    Posted Jan 07, 2019 01:28 PM



    This is more of a custom requirement from your application side; I don't think it has anything to do with Siteminder capability. As Hubert suggested, this has to be handled on the application side and can be achieved using simple JavaScript. The doc links below may give you some idea.


    Delete the siteminder cookie at user logoff 


    Comprehensive Log Out - CA Single Sign-On - 12.8 - CA Technologies Documentation 




  • 5.  Re: How to read a cookie and reject a request

    Posted Apr 01, 2019 02:02 PM

    mutas02 HubertDennis, sorry I was not able to reply to this earlier, but if I have to achieve this, can I create an Active Response, where if there is a cookie in the browser called cookie=badcookie and the user opens a new tab and hits that URL, Siteminder's SDK Active Response will trigger and can look at this cookie and take an action defined in the response?


    If this is possible do you have a sample which I can refer to in my implementation?