Yes, it is safe to disable SiteMinder default headers.
To disable the default use of HTTP header variables do any of the following tasks:
- To disable authentication source variables, set the value of the DisableAuthSrcVars parameter to yes.
- To disable user session variables, set the value of the DisableSessionVars parameter to yes.
Default: No - To disable user name variables, set the value of the DisableUserNameVars parameter to yes.
It is not SiteMinder itself who will use these variables, but it is other application which is integrating with SiteMinder might need these variables.
For eg. If you are integrating with IdenittyMInder you will need some of these default header variables.
Cheers,
Ujwol Shrestha