ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

HTTP DELETE method not allowed in CA Single Sign On

book

Article ID: 187435

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On Agents (SiteMinder) CA Single Sign On Federation (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) SITEMINDER

Issue/Introduction

We are running CA Single Sign on 12.8 SP2.  We have a new functionality to allow HTTP DELETE and HTTP PUT request.

Usually we allow only GET and POST. So I modified the Realm Rule to add PUT and DELETE methods too.

After adding that, the PUT request is going through but the DELETE request is failing with an AzReject.

Should we enable anything else in particular for HTTP DELETE requests? I read the documentation but could not find anything.

Environment

Release : 12.8 SP2

Component : SiteMinder Federation(Federation Manager)

Resolution

1. To the SiteMinder Web Agent, it doesn't really process the GET or PUT or DELETE command, it is the web server doing it.

2. Agent will intercept the request received by web server, then check what is the ACTION and the resource, the ACTION to web agent is just a string.

3. As long as you registered the ACTIONS correctly to the web agent, and the rules were correctly configured and policy associated, policy server should authorise.

4. Again, siteminder doesn't really understand what those ACTIONS are, we only deal with logic.

5. so to siteminder, GET or PUT or DELETE are just words to match, if the configured rule and policy allows, then the agent will let the request go through, hand it over to the web server to process.

6. But if the logic is somehow not working, then it is either a misconfiguration or, cache not flushed yet.