I was just going through below documentation How to Require Re-authentication for Sensitive Resources - CA Single Sign-On - 12.52 SP1 - CA Technologies Documentation , but unable to use this functionality as stated.
Below are my configurations:
1) Protected Realm as "webagent/test"
2) Created a policy as "test policy"
3) Under this policy, created a rule as "test GET/ POST" marking the sensitive data as "webagent/test/transfer.html", marking action as only GET & POST.
4) Under this policy, created another rule as "test onAccessValidateIdentity" marking the same sensitive data as "webagent/test/transfer.html", marking action (Authorization events as onAccessValidateIdentity)
5) Added a response as HTTP-Validate-Redirect for test onAccessValidateIdentity with value of the custom relogin.fcc
6) Restarted the Policy Server.
But when I try to access either webagent/test or webagent/test/transfer.html both are redirecting me to the Protected Realms - Authentication scheme location i.e. login.fcc, once I give correct credentials, it is giving me access for both test and test/transfer.html
Need help, on how to actually do a re-auth on sensitive data.
WE ARE ONLY DOING AUTHENTICATION from CA SSO, have disabled Authorization and FCCCombat.