Symantec Access Management

  • 1.  JSESSION ID getting changed after we authenticate via Siteminder

    Posted Feb 28, 2018 06:22 AM

    Hi All,

    I am facing an issue, where I am having a post call to login.fcc from my application controller.

    Once the authentication is successful, the JSESSIONID linked gets changed and hence application is not working properly.

    Please suggest!

    We are using siteminder only for AUTHENTICATION that too via login.fcc POST CALL not through GET request.



  • 2.  Re: JSESSION ID getting changed after we authenticate via Siteminder

    Posted Feb 28, 2018 06:34 AM

    CA SSO doesnt create JsessionID.

    You will need to look at your application logic and identify why this is being created. My guess is that, it is being recreated everytime when the SMSESSION cookie value changes?

     

    Are you using ASA agent? If yes which one Weblogic or Websphere agent?

     

    Related old thread:

    https://communities.ca.com/thread/241729507

     

    Sent from my iPhone



  • 3.  Re: JSESSION ID getting changed after we authenticate via Siteminder

    Posted Feb 28, 2018 07:06 AM

    Thanks Ujwol for the reply,

    Even I feel the same, but somehow we are unable to check the same. 
    We are custom login fcc, where by we are using our own page (FTL) for login, once the credentials reaches our controller, we validate the same, and make a POST call to custom login fcc for authentication, but somehow when we redirect the user to successive page, we can see a new JSESSIONID, although when we again go back to same login page, enter the credentials again, from that time, JSESSIONID did not get changed.

    Hence bit confused.

    We are using Web agent (Apache 2.4)



  • 4.  Re: JSESSION ID getting changed after we authenticate via Siteminder
    Best Answer

    Posted Mar 01, 2018 09:48 AM

    I would check with your application server vendor, IBM (WebSphere) or Oracle (WebLogic), sounds more like a problem on that end. CA SSO doesn't really do anything with JSESSIONID.



  • 5.  Re: JSESSION ID getting changed after we authenticate via Siteminder

    Posted Apr 30, 2018 03:35 AM

    Thanks all, later we found it was Spring security which was creating this issue.