I have recently been facing the issue above when trying to redirect any user from my WebAccess Controlinfrastructure to my Web Access Management Infrastructure in order to be authenticated with a higher Authentication Level
In fact the first user gets authenticated and then got an SMSESSION with an authentication Level of 5.
After that the user tries to access an application that needs a higher authentication level
So the user is being redirected to the WAM I, nfrasturctureto GET an SMESSION cookie with a higher authentication Level
The problem is that after getting a SAML Assertion
between the WAM and the WAC infrastructure, we could easily generate the Smsession cookie in the Federation domaine.
But whenever we had already generated a cookie in the WAC domain within AuthentLevel of 5, our cookie provider does not modifier the Authentication Level, it has only validated the session of the user.
So we still have the SMSESSION with Authentication Level of 5, and then could not Access to the Application ant then the authentication scheme is called Back, so we went in an undetermined loop.
Could anyone help us on how to kill the SMSESSION cookie before going to the WAM infrastructure.
Policy Server Version : 12.5.0
WebAgent version : SiteMinder APACHE 2.2 WebAgent, Version 12.0 QMR03, Update HF-13, Label 950