AutoAuthorizeOptions Agent Configuration Object parameter

book

Article ID: 51284

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) AXIOMATICS POLICY SERVER CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction



What is the AUTOAUTHORIZEOPTIONS ACO parameter?

When and why has it been introduced?
 

Environment

Release:
Component: SMIIS

Resolution

The AUTOAUTHORIZEOPTIONS ACO parameter has been introduced with
Webagent 6QMR5CR21 to enforce Sharepoint integration.

It can also be used with standard Webagent to open office document
when another login box pops up even if the user has already
authenticated.

It prevents the use of persistant cookies for this specific scenario.

AutoAuthorizeOptions="Yes", informs the Web Agent to auto authorize a
request where the method of the request is "OPTIONS" as opposed to
"GET", "PUT", "POST", etc...

To illustrate :

Configure the Web Agent ACO as :

   AutoAuthorizeOptions="Yes"

then the request with the Action as Options :

  Request :

  OPTIONS /mywebsite HTTP/1.1

  Response :

  HTTP/1.1 200 OK

Further reading to handles other Action as HEAD, PROPFIND, etc.

Allow Automatic Access to Resources that use the OPTIONS Method
https://docops.ca.com/ca-single-sign-on/12-8/en/configuring/web-agent-configuration/single-sign-on-cookie-domains-and-web-agents/configure-web-agent-single-sign-on-settings