Symantec Access Management

  • Private Community
 View Only

  • 1.  Siteminder override cookie from client

    Posted Aug 18, 2020 05:49 AM
    Hi,
    I have a client sends a cookie (ROUTE=1) within a protected URL via SPS
    I would like to override this cookie value, received from the client, and send the new cookie value (ROUTE=2) (value is being taken from LDAP user attribute), towards the back-end server in the policy (siteminder)
    I tried to use the response of WebAgent-HTTP-Cookie-Variable but it seems not to send the cookie to the back-end (only back to the web client)

    Should be like this:
    Client (send ROUTE=1) -> SPS (policy agent replace to ROUTE=2 and send it to back-end) -> Back-end (receive only ROUTE=2 cookie)

    ------------------------------
    Thanks,
    Nissim
    ------------------------------


  • 2.  RE: Siteminder override cookie from client

    Broadcom Employee
    Posted Aug 19, 2020 02:36 AM
    Hi Nissim,

    Indeed, the response will go to the browser, not the backend server.

    On CA Access Gateway (SPS), you have filter you can customize to send
    specific elements to the backend server :

    How Access Gateway Processes Custom Filters

    The Filter API provides a method for developers to insert
    processing before a request is passed to a destination server, as
    described in step 2 of the preceding process [...]

    https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-identity-and-access-management/single-sign-on/12-8/programming/ca-access-gateway-apis.html

    I hope this helps,

    Best Regards,
    Patrick
    Original Message