SMAUTHREASON

book

Article ID: 188201

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On Agents (SiteMinder) CA Single Sign On Federation (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) SITEMINDER

Issue/Introduction


We're running a Web Agent and we'd like to know which smauthreason

code will be set if :

  1 - the new password has bad compositions;
  2 - the new password refers to a last password reuse;

as we have defined in our Password Policy. Which SmAuthReason value
each of both will trigger ?

Environment


Policy Server 12.8SP3 on RedHat 6;

Web Agent 12.52SP1CR10 on Apache 2.4.39 on RedHat 6;

Resolution


At first glance, both will have the smauthreason 22 :


As per this KD :

  SMAUTHREASON reason code document

    Sm_Api_Reason_BadPWChange = 22

  https://knowledge.broadcom.com/external/article?articleId=54936

1 - 

smpwservices_en-US.fcc

// Auth Reason 22 - Bad Password

with mention :

  "Your new password is too short. Passwords must contain at least 10
  characters."

2 - 

Sm_Api_Reason_BadPWChange = 22

with mention :

  "You may not reuse an old password"

forms_en-US/smpwservices_en-US.properties :

  szPasswordReuse = You may not reuse an old password