CA AGW Partnership federation/ configuration assistance would be needed for redirect
Article ID: 102821
CA Single Sign On Secure Proxy Server (SiteMinder)AXIOMATICS POLICY SERVERCA Single Sign On SOA Security Manager (SiteMinder)CA Single Sign-On
I have installed CA Access Gateway (SPS) 12.7 and I'am testing for first time a Parnership Federation with Policy Server 12.7, so that CA Access Gateway (SPS) is acting as SAML2 IdP and myseconddomain http://www.myseconddomain.com/ is acting as SAML2 SP.
Login pages are on the CA Access Gateway (SPS).
When I start login flow from sp.myseconddomain.com, the Authentication URL redirects properly to login page where both authentication and authrozation are processed successfully and a SMSESSION is created.
The problem occurs with redirect.jsp. When the browser goes to that redirect.jsp page, the browser doesn't get redirected back to the Federation Resource /affwebservices/public/saml2sso.
I have configured the Authentication URL to https://AGW.myfirstdomain.com/affwebservices/redirectjsp/redirect.jsp in Parnership Federation Configuration.
In CA Access Gateway (SPS) Federation has been enabled and the Authentication URL has been set to default siteminderagent/redirectjsp there.
First login fails because of redirect. In second try when SMSESSION exists already login flow is successful. SAML response is returned to myseconddomain SP site.
From the flow, we see the SMPORTALURL is encrypted :