SMSESSION is not getting changed while using with CA API Gateway
search cancel

SMSESSION is not getting changed while using with CA API Gateway

book

Article ID: 143426

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On Agents (SiteMinder) CA Single Sign On Federation (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) SITEMINDER

Issue/Introduction


When running an API Gateway and when it protects a site and issues an SMSESSION cookie, the session ends in 10 minutes and during this time, the SMSESSION never gets updated.

How to make the SMSESSION cookie to be updated on each request?

 

Environment


  Policy Server 12.7 on Linux;
  CA API Gateway 11.x on Linux;

Cause


By configuring the "Manage CA Single Sign-On Configurations" task, there's an option related to this behavior:

Under "Tasks / Users and Authentication / Manage CA Single Sign-On Configurations", look for the option:
 
  "Update SSO Token"

That option manages the behavior of the CA API Gateway to update or not the SMSESSION cookie.

 

Resolution

 
Enable "Update SSO Token" by checking the option, to get the SMSESSION on every request.

 

Powered by Wolken Software