Webagent is redirecting to url that is not part of the valid target domain
Article ID: 115119
CA Single Sign On Secure Proxy Server (SiteMinder)
CA Single Sign On SOA Security Manager (SiteMinder)
CA Single Sign-On
We have configured the Siteminder ValidTargetDomain to .abc.com which has to block redirects to other websites other than the .abc.com.
However, we observe that the agent is not blocking the target url which is not part of the configured valid target domain, and the requests are being forwarded to the target url.
We tested by accessing "https://abc.com/login/logoff.fcc?TARGET=https://firewall.com", and observed that the agent redirects me to firewall.com instead of blocking it.
How can we configure Siteminder to reject this request?
Fiddler trace showed that the request was not processed as the webagent was configured to ignore the .fcc extension
Remove the .fcc extension from the ignoreext ACO parameter and then restart the webagent