SMSESSION is not getting changed while using with CA API Gateway

book

Article ID: 143426

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) AXIOMATICS POLICY SERVER CA Single Sign On Agents (SiteMinder) CA Single Sign On Federation (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) SITEMINDER

Issue/Introduction

 

We're running an API Gateway and when it protects a site and issues an
SMSESSION cookie, the session ends in 10 minutes and during this time,
the SMSESSION never gets update.

How can we fix this ?

 

Cause

 

By configuring the "Manage CA Single Sign-On Configurations" task,
there's an option related to the behavior you see :

Under "Tasks / Users and Authentication / Manage CA Single Sign-On
Configurations" you'll see the option :
 
  "Update SSO Token"

That option manages the behavior of Api Gateway to update or not the
SMSESSION cookie.

 

Environment

  Policy Server 12.7 on Linux;
  CA API Gateway 9.4 on Linux;

Resolution

 

Enable "Update SSO Token" by checking the option, to get the SMSESSION on every request.