Question on step up authentication

book

Article ID: 111170

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) AXIOMATICS POLICY SERVER CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction



One application is looking for a Step-up authentication every time an user access back a dedicated URI in the same application. It is just one URL but different URIs.

Environment

Version: any

Resolution

SiteMinder can prompt a user the first time they access a part of an application protected by a higher level auth scheme and the users existing session is at a lower level auth - but as long as that session is valid after stepping up, they would not be prompted again.