Hi Vijay
As you know, SiteMinder OIDC implementation requires session store as a mandatory component. Based on my understanding, it is not supported architecture without session store in SiteMinder.
If you want to get more detailed mechanism about session store in OIDC implementation, I would recommend you to open a case. Then, Broadcom support team can escalate your question into the engineering team.
BTW, is there any reason not to use session store? You can use CA Directory as session store. You just need to enable session store in policy server, which implement OIDC.
Kind regards
B.K.
Original Message:
Sent: 04-29-2020 05:32 PM
From: Vijay D
Subject: Session Store in OIDC
All,
I would like to know the impacts of avoiding session store for OIDC implementations and ways to execute that. CA SSO is using session store to save az_code, access tokens and sessionID even though if I select "non-persistent" against the realm created to protect "/affwebservices/secure/secureredirect".
It would also be helpful if someone can explain others details CA SSO will be saving in session store while using OIDC applications.
Thanks
Vijay