AnsweredAssumed Answered

"AzReject" when SM Session is is already there with lower level

Question asked by Vipul Kaneriya on Aug 23, 2018
Latest reply on Aug 31, 2018 by PKSahu

Issue : "AzReject" when SM Session is is already there with lower level

 

Scenario :

User Logging to federation partnership which has Auth Level 5 and in the same browser when user try to access another federation partnership which has higher  Auth Level 10. User keeps getting login page again and again. We are seeing the "AzReject" and "Session is not authorized for this security level" in Access log. 

 

Another words, SMSESSION is already there, and SM is validated this session, before access can be authorized. however, this smsession was authenticated at a lower level, and the request was to a resource that is being protected with a higher auth level, hence the AzReject. Any solution for this?

 

I have SSO 12.7 with session store and we are using non-persistence session in realm.

Outcomes