AnsweredAssumed Answered

Cookie handling for session establishment in CA API Gateway

Question asked by Apoorvkapil on Sep 9, 2016
Latest reply on Nov 30, 2016 by Stephen_Hughes



I want to know how can i handle session using cookies in CA API Gateway(Layer7) Level.

Consider i don't have siteminder , I m just using standalone Software gateway 9.1 




Consider my Request Information is like this,


Layer 7 Request URL : 

Method : GET,POST

security : Basic Authentication (username , password)


Another  Layer7 Request URL: ""

Method: GET,POST

Security : Basic Authentication (username , password)


Now my use case is, i want if a user is Authenticated once using basic authentication , other API should not ask me for Authentication again.


this is considering only a rich client application(web based) is accessing my APIs which are capable of handling cookies.




1. How can i do basic authentication from external Ldap(already configured) and store cookie after successful authentication, and if not prompt for basic authentication. 

2.  how can i handle the cookies using assertion across the different policies (APIs) , so that if a user already authenticated he not need to be authenticate again and cookies transfers across the different APIs .