ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Authenticate Against CA Single Sign-On Assertion issue


Article ID: 198245


Updated On:


CA API Gateway API SECURITY CA API Gateway Precision API Monitoring Module for API Gateway (Layer 7) CA API Gateway Enterprise Service Manager (Layer 7) STARTER PACK-7 CA Microgateway


We are trying to uses two SSO context in one policy, when running in debug mode after the first context the gateway hangs when attempting to use start the second SSO context [ (2) isProtected assertions]





Release : 9.4

Component : API GATEWAY


Attached sample policy that works for a similar scenario.  

Based off how to configure policy using "All assertions..." and "At least one assertion..."

The first block “At least one assertions must be true” isProtected for NEW context SSO environment is made but session ticket invalid.  Goes to the second  “At least one assertions must be true” isProtected for OLD context SSO environment is made session ticket valid ALL OKAY 




1598546233087__debug.jpg get_app
1598546073721__validate4.xml get_app