AnsweredAssumed Answered

Gateway authorizing on CA SSO session cookies

Question asked by JMCColorado on Mar 2, 2017
Latest reply on Apr 21, 2017 by Stephen_Hughes

Can the API Gateway authorize a transaction with a SiteMinder (Single Sign-On) session cookie that was generated on a separate webserver, assuming the webserver is a component of the same Single Sign-On infrastructure as the API Gateway?


I seem to be able to authorize via SiteMinder using cookies that were generated on the gateway, but the gateway is not authorizing SiteMinder cookies that are generated at a set of centralized login servers. In fact, even though I see a "Not Authorized!" message at the gateway, I do not see an isAuthorized call or AZReject at the Policy Server, in the SMPS trace logs.


Any help would be appreciated.