ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.
Strange cookie variable is appeared when accessing logoffuri parameter
Article ID: 111715
Updated On:
Products
CA Single Sign On Secure Proxy Server (SiteMinder)
CA Single Sign On SOA Security Manager (SiteMinder)
CA Single Sign-On
Issue/Introduction
In using SAML Federation and response HTTP header variable, and create SMSAMLDATA variable.
After created SMSAMLDATA variable, and logoff by “logoffuri”, WebAgent Set-Cookie buggy variable “SMSAMLDAT” (NOT SMSAMLDATA).
Set-Cookie: SMSAMLDAT=""; Domain=.test.co.jp; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
In addition, after logoff by “logoffuri”, SMSAMLDATA variable has been overwritten, it means NOT Set-Cookie LOGGEDOFF.
Set-Cookie: SMSAMLDATA=Kk8AgMKuv/4jACa0V4aDmPW5RSYctJ6xObjKIA6uBGDhDJGxqIekX59RK0w97ig6bOQhq3UNt4pc7gpjjJHgTMwsuUBl6xrKxCLeAcKz5q4iktU1cTTKb131tOV5xblyjZh0diEGpE5kleUeiWLfoeZPYbL6QYSYijd/jD41h92h8nQ2h+20BHb/SqRHJzBq7BO/BYFwcSTH1wd5xe+rNXPSFq0ap1YtlT76nAJ6sSL+xyrWKqJt/KA2G9PvAMrRfby19dAeRA0hLirnKE5Hxgvs0QwGiTjfZtianMEoS8OFMNw8xk7CfRYPjEdsCktyHF/iD+z0yE4j2M+ne3aSeUxcM3FYGUEIheOgTRw8fflgDQri/gsIa2gnBeJjPekbK5s1pBU+cXvW1S3TRzCGlxMVnrCl76sdQJK/2m+nS16pc3uZBUMJcyY7CBJPiqpo;
Set-Cookie: SMSAMLDATA=WV6WP/EeLtCGfH2YOpCplvo6zOQzECTdKJZ8dFjDxlCf6ZFOQ8hNSFhU0Kk3VpB2dvOMoutstr00LzSsIIRJM8h2/HJ5/qq3CD+vznKGM0Vx5ta9/AmUxBBcquM8HByYxwzMsunjFcYBa8B5+uOjOw8CqON26pCjGwLK5PeMMQMIig/+TpE5XPX2bK7V/S1HqBwVN7+yoJHeUMP32Ih2NrbXFDZiXZ1HH9rg9lpJo28zMtD3ZCFhm683XUPNiI/y0VZhx06/1jBn9ufbDUtnXy7HEHX76RDYQbqAztVykDe4yNTDnCkvH9sZGoc0TQcw/NS7j2YykIPCR/JmKiYQm9hpdmlclAa9Uzn2hMAsvUr7YaJzbnwk4HuZvHK1kkPUlqA+PIkOuDuSe8zqmtKwRjPa3RGfYgxrFnC2XxInO/A+2T5b2a0EGQfGzIodL0JG;
Why WebAgent set strange cookie variable "SMSAMLDAT" and NOT Set-Cookie LOGGEDOFF despite accessing "logoffuri" parameter URL ?
After created SMSAMLDATA variable, and logoff by “logoffuri”, WebAgent Set-Cookie buggy variable “SMSAMLDAT” (NOT SMSAMLDATA).
Set-Cookie: SMSAMLDAT=""; Domain=.test.co.jp; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
In addition, after logoff by “logoffuri”, SMSAMLDATA variable has been overwritten, it means NOT Set-Cookie LOGGEDOFF.
Set-Cookie: SMSAMLDATA=Kk8AgMKuv/4jACa0V4aDmPW5RSYctJ6xObjKIA6uBGDhDJGxqIekX59RK0w97ig6bOQhq3UNt4pc7gpjjJHgTMwsuUBl6xrKxCLeAcKz5q4iktU1cTTKb131tOV5xblyjZh0diEGpE5kleUeiWLfoeZPYbL6QYSYijd/jD41h92h8nQ2h+20BHb/SqRHJzBq7BO/BYFwcSTH1wd5xe+rNXPSFq0ap1YtlT76nAJ6sSL+xyrWKqJt/KA2G9PvAMrRfby19dAeRA0hLirnKE5Hxgvs0QwGiTjfZtianMEoS8OFMNw8xk7CfRYPjEdsCktyHF/iD+z0yE4j2M+ne3aSeUxcM3FYGUEIheOgTRw8fflgDQri/gsIa2gnBeJjPekbK5s1pBU+cXvW1S3TRzCGlxMVnrCl76sdQJK/2m+nS16pc3uZBUMJcyY7CBJPiqpo;
Set-Cookie: SMSAMLDATA=WV6WP/EeLtCGfH2YOpCplvo6zOQzECTdKJZ8dFjDxlCf6ZFOQ8hNSFhU0Kk3VpB2dvOMoutstr00LzSsIIRJM8h2/HJ5/qq3CD+vznKGM0Vx5ta9/AmUxBBcquM8HByYxwzMsunjFcYBa8B5+uOjOw8CqON26pCjGwLK5PeMMQMIig/+TpE5XPX2bK7V/S1HqBwVN7+yoJHeUMP32Ih2NrbXFDZiXZ1HH9rg9lpJo28zMtD3ZCFhm683XUPNiI/y0VZhx06/1jBn9ufbDUtnXy7HEHX76RDYQbqAztVykDe4yNTDnCkvH9sZGoc0TQcw/NS7j2YykIPCR/JmKiYQm9hpdmlclAa9Uzn2hMAsvUr7YaJzbnwk4HuZvHK1kkPUlqA+PIkOuDuSe8zqmtKwRjPa3RGfYgxrFnC2XxInO/A+2T5b2a0EGQfGzIodL0JG;
Why WebAgent set strange cookie variable "SMSAMLDAT" and NOT Set-Cookie LOGGEDOFF despite accessing "logoffuri" parameter URL ?
Environment
Product Name=CA Access Gateway
FullVersion=12.70.0000.1194
Version=12.70
Update=0000
Build Number=1194
FullVersion=12.70.0000.1194
Version=12.70
Update=0000
Build Number=1194
Resolution
These issue is product bug, and it will be fixed in 12.7.3.
Additional Information
Pass Assertion Data as HTTP Headers to Relying Party Applications:
https://docops.ca.com/ca-single-sign-on/12-52-sp1/en/configuring/partnership-federation/application-integration-at-the-relying-party/pass-assertion-data-as-http-headers-to-relying-party-applications
https://docops.ca.com/ca-single-sign-on/12-52-sp1/en/configuring/partnership-federation/application-integration-at-the-relying-party/pass-assertion-data-as-http-headers-to-relying-party-applications
Feedback
Yes
No
Powered by
