How is the authorization decision made by a CA SSO policy?

Question asked by smukhi on Jun 28, 2018
Hi all,


I am looking for a deeper understanding of how the authorization decisions are made in the CA SSO policy.


1. I have a policy in CA SSO that has been configured to provide access to a page (/test.html) when the user has Role X or Role Y.

2. The user has both Role X and Role Y.


Query 1: Which role will SiteMinder take into account to authorize the user? Is it based on order? How can I consistently maintain the order, as if we modify any role, the order changes on its own?

Query 2: How can we figure out what role has been taken into account to authorize the user? (Any custom logic or Java code to figure out this part)