SMAUTHCHAIN cookie still active after clicking on the logout button in SPS
search cancel

SMAUTHCHAIN cookie still active after clicking on the logout button in SPS

book

Article ID: 380584

calendar_today

Updated On:

Products

SITEMINDER CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On Agents (SiteMinder)

Issue/Introduction


Running CA Access Gateway (SPS), when this one present a SMAUTHCHAIN cookie, the cookie can be reused in other flow as well, which brings security risks.

 

Environment


Policy Server 12.80.800.2892;
CA Access Gateway (SPS) 12.80.800.2892.

 

Resolution


Upgrade CA Access Gateway (SPS) to 12.8SP9 to benefit from fix DE609918.

By upgrading CA Access Gateway (SPS) to 12.8SP9, upgrade also the Policy Server, the Policy Store data definitions and the AdminUI to 12.8SP9 to keep the full support and functionality.