Authenticate Against CA Single Sign-On Assertion issue

book

Article ID: 198245

calendar_today

Updated On:

Products

CA API Gateway API SECURITY CA API Gateway Precision API Monitoring Module for API Gateway (Layer 7) CA API Gateway Enterprise Service Manager (Layer 7) STARTER PACK-7 CA Microgateway

Issue/Introduction

We are trying to uses two SSO context in one policy, when running in debug mode after the first context the gateway hangs when attempting to use start the second SSO context [ (2) isProtected assertions]

Environment

Release : 9.4

Component : API GATEWAY

Resolution

Attached sample policy that works for a similar scenario.

Based off how to configure policy using "All assertions..." and "At least one assertion..."

https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-api-management/api-gateway/9-4/policy-assertions/assertion-numbering.html

The first block “At least one assertions must be true” isProtected for NEW context SSO environment is made but session ticket invalid. Goes to the second “At least one assertions must be true” isProtected for OLD context SSO environment is made session ticket valid ALL OKAY

Attachments

1598546233087__debug.jpg get_app

1598546073721__validate4.xml get_app

Feedback

thumb_up Yes

thumb_down No