Policy Server :: User Session : Password Change

book

Article ID: 48722

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) AXIOMATICS POLICY SERVER CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction

Description:

I would like to know if there is any way to end a User Session when its password in the User Store is changed?

Solution:

User Stores do not communicate natively with Policy Server to modify data, and as such, if a User account's password is reset in the User Store, there is no out-of-the-box functionality to connect to the Policy Server to end the User's Session.

Neither the Policy Server would not try to re-authenticate the User unless there is some kind of requirement to do so as the session has idle timed out or reached the max timeout.

Note that the Session Ticket contains the User's attributes but not its password:

https://support.ca.com/irj/portal/anonymous/redirArticles?reqPage=search&searchID=TEC484615

Environment

Release: SOASMU99000-12.5-SOA Security Manager-Upgrade
Component: