HTTP_SM_USER is null or empty

search cancel

HTTP_SM_USER is null or empty

book

Article ID: 281724

calendar_today

Updated On: 04-07-2024

Products

SITEMINDER

Issue/Introduction

The HTTP_SM_USER can be get from all_http, but when access it directly, it's empty.

Environment

Version 12.8.06

Webagent on IIS

Cause

Underscore in the header name seems not to be welcomed in many web servers.

Resolution

1. Set ACO (agent configuratioin objects) LegacyVariables=no

2. Access the header as HTTP_SMUSER

Sample asp code:

<%
Dim headerName
headerName = "HTTP_SMUSER" ' Specify the name of the header you want to retrieve

Dim headerValue
headerValue = Request.ServerVariables(headerName)


If headerValue <> "" Then
    Response.Write("Header " & headerName & " has value: " & headerValue)
Else
    Response.Write("Header " & headerName & " not found or is null.")
End If
%>

Other considerations:

1. certificate-based authentication will not have a user name

2. The default headers in https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/siteminder/12-8/configuring/web-agent-configuration/web-application-protection/default-http-headers-used-by-the-product.html are request headers, not response headers, i.e. cannot get them from browser, can only get them on server side (by the web application)

Additional Information

https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/siteminder/12-8/configuring/web-agent-configuration/list-of-agent-configuration-parameters.html

Feedback

Was this article helpful?

thumb_up Yes

thumb_down No