Layer7 API Management

  • Private Community

  • 1.  Authenticate Against Identify Provider Assertion

    Posted Aug 18, 2017 11:51 AM

    Any failure whether wrong password, invalid user, expired user, disabled user i am seeing the same error? 

    Is there a way to distinguish as to why auth failed using this assertion? We need to know why it failed for further processing of the request.



  • 2.  Re: Authenticate Against Identify Provider Assertion

    Broadcom Employee
    Posted Aug 18, 2017 12:14 PM

    Hi Justus,

     

    Please increase the log level of the ssg log to see more specific information. 

     

    Refer:

    Audit Message Codes - CA API Gateway - 9.0 - CA Technologies Documentation 

     

    more specific information is included at FINE level. 

     

    Regards,

    Ruchi



  • 3.  Re: Authenticate Against Identify Provider Assertion

    Posted Aug 18, 2017 12:46 PM

    Well, I cannot afford to do this in PROD. I am looking to see capture error message as sent by LDAP



  • 4.  Re: Authenticate Against Identify Provider Assertion
    Best Answer

    Broadcom Employee
    Posted Aug 18, 2017 01:29 PM

    Justus,

    I know you opened a support case on this. This is a current limitation which has been that way for some time. But there is work being done on exposing the failure from the backend ldap vs the current pass or fail implementation this is expected to be out in the near term in the 9.3 release. Which will be out in the very near future.

     Thanks.



  • 5.  Re: Authenticate Against Identify Provider Assertion

    Posted Aug 21, 2017 11:06 AM

    Charles,

     

    Thanks for the info. I am also curious on how folks in this community are handling this scenario.

     

    Thanks,

    Justus