Integration with CA SSO (SiteMinder) and Gateway
search cancel

Integration with CA SSO (SiteMinder) and Gateway


Article ID: 139166


Updated On:


CA API Gateway


We have setup Layer7 to integrate with SiteMinder using the assertions OOTB (Check Protected Resource, Authenticate Against CA Single Sign-On, Authorization via CA Single Sign-On) and having an issue reading one of the custom HTTP Headers set by the policy server. SiteMinder should be returning the custom header as (<CompanyEnt>_ENTITLEMENTS,AA^BB^CC) but Layer7 is throwing the following Java error. All other Custom HTTP Headers are able to be seen and read. We can see the following error in the Gateway Debugger when reading the siteminder.smcontext.attributes for the following: Custom Header (<CompanyEnt>_ENTITLEMENTS,[Ljava.lang.String;@285915ec) I had our SiteMinder team replace the Caret "^" with a "," and can see the (<CompanyEnt>_TEST,AA,BB,CC)



Release : 7.1

Component : MOBILE API


SSO name value pair
Name: <CompanyEnt>_ENTITLEMENTS
Value: AA^BB^CC

The value is consistent with a multiple valued attribute, when configured in APIM it will be returned as comma separated attribute

Name: <CompanyEnt>_ENTITLEMENTS
Value: AA, BB, CC

How to retrieve the attribute
Define context variable where the attribute name = the name defined in SSO name/value pair
Set context in Gateway ${siteminder.smcontext.attributes.<CompanyEnt>_ENTITLEMENTS}

Customer ATTR:
OnAccess-User <CompanyEnt>_ENTITLEMENTS: AA, BB, CC