Hi,
I am trying to create an API which will authenticate & authorize user from CA SSO and then will create SMSESSION cookie.
I have my local test application to make that API call. My local test application is not protected by CA SSO.
In the browser, I saw it generate the SMSESSION cookie with my company domain.
From that browser, when I tried to access other my company web applications, the webagent always redirect to CA SSO login page.
It looks like webagent cannot recognize that SMSESSION cookie.
I am pretty sure my Layer7 API SiteMinder setting is good. I have another API which can read SMSESSION and retrieve user information.
So I just wondering is it possible after browser get SMSESSION cookie from Layer7 and it can bypass login page from other web applications?
And in the webagent log, I saw webagnet always tried to decode SMIDENTITY cookie. Since the browser only generate SMSESSION cookie, do I need to generate SMIDENTITY cookie too? and can you let me know how can I generate SMIDENTITY cookie?
Thanks
Mark