Idea Details

ASA Agent has that limit  - there's no functionality to allow Certificate Authentication

Last activity 06-04-2019 12:03 PM
Giovanni Argiolas's profile image
03-31-2016 06:17 AM

Running ASA Agent for WebLogic, when using Certificate Authentication scheme on front end Web Agent, the ASA Agent cannot get the corresponding User and the Principal.


There is no user name when using X509  and so the username/userPrincipal is not populated.


The ASA Agent has that limit as there's no functionality to allow Certificate Authentication.


Can you please implement this functionality in the next available release?


Many thanks


05-25-2017 02:56 AM

Thank you for your contribution of an enhancement idea to the CA Community. CA is continually working to improve its software and services to best meet the needs of its customers. Your input is vital to that effort. The CA Single Sign-On Product Management team has reviewed your suggested enhancement. Based on current roadmap priorities and/or the limited amount of community support for this idea over the last year (please see this document describing how we are reviewing ideas:, we are not accepting this idea into the product backlog. Therefore, it is being moved to a “Not Planned” status.

03-31-2016 07:58 AM

Can you elaborate on what you mean by user and principal?


I don't follow how an auth scheme has anything to do with what user attributes are available to be passed to an application.


Any attributes in the user directory are available no matter what auth scheme is used.


If you are not using attributes from the user directory, but instead are using attributes from the login/auth scheme, then maybe that is the issue.