Layer7 Access Management

Expand all | Collapse all

Tech Tip : CA Single Sign-On : What is the Purpose of from Body Section in SPS WS Auth/AZ ?

  • 1.  Tech Tip : CA Single Sign-On : What is the Purpose of from Body Section in SPS WS Auth/AZ ?

    Posted 04-19-2017 10:27 AM

    Question:

     

    What is the Purpose of <binaryCreds></binaryCreds> from Body Section in SPS WS Auth/AZ ?


    Environment:


    SPS 12.52SP1CR06

     

    Answer:

     

      BinaryCreds is to hold certificate when authentication scheme request it.

     

      You should understand that Auth/AZ Web Service is plain implementation
      of Agent SDK Login call.

     

      So in order to get an SMSESSION cookie the "Login" call to succeed
      and generate SMSESSION cookie it either needs :

     

      User and Password

     

      or

     

      public certificate of the User.

     

      That means for <loginRequest> request, we can either pass User Name / Password or
      Public certificates like this :

     

      User Name or Password

     

      <loginRequest>
      <binaryCreds></binaryCreds>
      <password>user1</password>
      <userName>user1</userName>
      <action>POST</action>
      </loginRequest>

     

      Or

     

      Public Certificate

     

      <loginRequest>
      <binaryCreds>MIICvzCCAiigAwIBAgIDAeJCMA0GCSqGSIb3DQEBBAUAMH8xCzAJBgNVBAYTAlVTMRYwFAYDVQQI
      Ew1NYXNzYWNodXNldHRzMRAwDgYDVQQHEwdXYWx0aGFtMRIwEAYDVQQKEwlOZXRlZ3JpdHkxFDAS
      BgNVBAsTC0VuZ2luZWVyaW5nMRwwGgYDVQQDExNDZXJ0aWZpY2F0ZSBNYW5hZ2VyMB4XDTA1MDYw
      MjE1NTE1NloXDTE5MDIwOTE2NTE1NlowcDELMAkGA1UEBhMCVVMxFjAUBgNVBAgTDU1hc3NhY2h1
      c2V0dHMxEDAOBgNVBAcTB1dhbHRoYW0xEjAQBgNVBAoTCU5ldGVncml0eTEUMBIGA1UECxMLRW5n
      aW5lZXJpbmcxDTALBgNVBAMTBFJvYm0wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMmsN7o9
      TM8COlJULQ8Gl8rs3co0T6y3xyWJkn2vhx3BUjibjVwdaqn7zR3NawItvsL4RCQpeYNJ+oPPpNEd
      rYGY5NmUUDqqzWKhFWz6PloK8zjJ0VbOLoIArRxRxMnLOdm1yFZO5h1kCDgVmKWzL75np9w5iKUN
      mwAWzMlc6njVAgMBAAGjWDBWMAwGA1UdEwEB/wQCMAAwDwYDVR0PAQH/BAUDAwfYADAWBgNVHREE
      DzANgQtyb2JtQGNtLmZvbzAdBgNVHQ4EFgQUeMS2MjNJ6PY9lZcbq1v5o/5VkXswDQYJKoZIhvcN
      AQEEBQADgYEAGXgFn3+LC6kYBUTvKNPSlHbfqtx2Ifuk7HzZOAtveMojIq8q6nUvRWk7KlyVfkNR
      sohd+HoM1c/2yLecC3HqkJR1x5vb0YHvoJa+ucif+45rYSfrWXRAa6PVC3a06GGPd4yjZclZlrn3
      fd+HwssScRSvVI5r+64+oNMhsqoTBvc=</binaryCreds>
      <password> </password>
      <userName> </userName>
      <action>GET</action>
      </loginRequest>

     

      Any one of them will generate SMSESSION cookie.

     

    KB : TEC1294671



  • 2.  Re: Tech Tip : CA Single Sign-On : What is the Purpose of from Body Section in SPS WS Auth/AZ ?