Anonymous Authentication Scheme with Federation

book

Article ID: 37326

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) AXIOMATICS POLICY SERVER CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction

Introduction: 

Anonymous Authentication Scheme with Federation

Question: 

Can Anonymous Authentication Scheme be used with Federation?

Environment:  

R12 SP2/3, R12.5, R12.51, R12.52

Answer: 

Federation requires valid SMSESSION but when we use Anonymous authentication, you get SMIDENTITY cookie but not SMSESSION, Hence when the Federation Request to validate the session, It says Current session is not a valid session and Session cookie does not exists and finally redirecting to authentication url ( it will be looping).

[12/08/2015][00:51:04][1956][2204][22b6adfe-2c63588e-45ceec29-6d747ca0-dd94e386-c80][FWSBase.java][isValidSession][No SESSION cookie on request.]

[12/08/2015][00:51:04][1956][2204][22b6adfe-2c63588e-45ceec29-6d747ca0-dd94e386-c80][SSO.java][processRequest][Force Authn is disabled.]

[12/08/2015][00:51:04][1956][2204][22b6adfe-2c63588e-45ceec29-6d747ca0-dd94e386-c80][SSO.java][processRequest][Current session state is: false]

[12/08/2015][00:51:04][1956][2204][22b6adfe-2c63588e-45ceec29-6d747ca0-dd94e386-c80][SSO.java][processRequest][Current session is not a valid session.]

[12/08/2015][00:51:04][1956][2204][22b6adfe-2c63588e-45ceec29-6d747ca0-dd94e386-c80][SSO.java][processRequest][Session cookie does not exists. redirecting to authentication url [CHECKPOINT = SSOSAML2_AUTHENTICATIONURL_REDIRECT]]

Hence Federation does not support Anonymous authentication

Environment

Release: SOASMU99000-12.5-SOA Security Manager-Upgrade
Component: