What is SMSAMLDATA cookie and what it stores? This cookie is getting set in the browser every time I login using Federation.
Hi @Manjunath Mudigonda
For SPS/ Web Agent to send the HTTP header, you will need to enable SAMLDataPlugin.dll (SAMLDataPlugin.so in unix) in the WebAgent.conf file.
This has been mentioned in the doco as well :
Using HTTP Headers to Pass Assertion Data (SAML only)
CA SiteMinder® can pass assertion data using HTTP headers.
Follow these steps:
The fedheaderprefix setting specifies a global prefix that CA SiteMinder® adds to HTTP headers. Setting a prefix protects HTTP headers against manipulation by an unauthorized user before the CA SiteMinder® consumes an assertion. As a result, only legitimate headers get passed to the target application. Read more about protecting HTTP headers.
HTTP headers are now configured to pass attribute data.
From FWSTrace log I found that SPS is setting this SAMLDATA cookie with all the Attributes it received in Assertion. But it's hard to understand why it is setting this cookie and it's use?
Are you using Cloudminder or normal Federation (partnership, legacy)?I don't have complete details but found some information that
SMSAMLDATA is used by Siteminder for HTTP header support. It uses the Web Agent SESSION cookie encryption keys to encrypt the data. This cookie is basically reserve to use by Siteminder
Does it affect your application?
i had same issue, i created a federation partnership using oAuth 2.0 as HTTP Headers. i see SMSAMLDATA cookie generated but i dont see the token in headers
i configured oAuth 2.0 using siteminder partnership model with anonymous user and Redirect Mode as "HTTP Headers". when i test i see SMSAMLDATA cookie is set and fwstrace log shows the facebook user attributes "https://graph.facebook.com/me?fields=id,name,first_name,last_name,email " based this query but i don't see any HTTP headers. do you know why ?
Try to enable the SAMLDATA plugin in the webagent conf file of SPS. This will enable SPS to send the HTTP headers from SAMLDATA
Do you know the file name ?
I enabled oauthplugin is that the same you are referring to
Retrieving data ...