Siteminder Header HTTP_SM_USER not received when SPS do REDIRECT to the Application
Article ID: 247630
Updated On:
Products
Issue/Introduction
[Use case]
[Browser] --> [SPS] --> <nete:REDIRECT>{Application}</nete:REDIRECT>
[Browser] --> [Application]
Browser access SPS (get authenticated) and gets redirected to the Application.
There is no SM_USER header received at the Application.
Environment
Release : 12.8.06
Component : Access Gateway
Resolution
[Setup]
Access Gateway is listening on the following hostnames.
1. https://sps.demo.lab
--> This will forward to http://application.demo.lab:444
[Browser] --> [SPS] --> [Application]
2. https://application.demo.lab
--> This will redirect to http://application.demo.lab:444
[Browser] --> [SPS]
[Browser] --> [Application]
http://application.demo.lab:444 is IIS backend server which displays headers.
[Use case1]
1. Access https://sps.demo.lab/html/ and get challenged.
2. User login
3. Check for SM_USER header.
[Use case2]
1. Same as [Use case 1]
2. Access https://application.demo.lab/ and get <nete:redirect> to http://application.demo.lab:444/
3. Check for SM_USER header.
Both use cases are getting the header information from the same IIS server.
Use case1 shows SM_USER header but Use case2 does not.
In fact, there are no SiteMinder headers in the Use case2.
This is an expected behavior.
If SiteMinder headers need to be made available at the application then the <nete:forward> need to be used.
Feedback
