Web Agent SMTRYNO cookie being reset on browser change
search cancel

Web Agent SMTRYNO cookie being reset on browser change


Article ID: 76512


Updated On:


CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On SITEMINDER CA Single Sign On Agents (SiteMinder)



When looking to implement a message with the number of login attempts
left on the login.fcc page by using smretries & SMTRYNO cookie. The
message is being displayed fine when the user is in the same browser
but the SMTRYNO value is being reset when they close and reopen the
browser again, or switch to a different browser, which causes to show
the wrong message. How can the remaining login attempts be get to show
the message properly ?




CA Access Gateway (SPS) all versions
Web Agent all versions




Note that smretries and SMTRYNO is like a counter browser-based, which
purpose is to limit the amount of authentication attempts that can be
done on the browser. Then, the SMTRYNO cookie is set in the browser
headers, so when you switch or reopen the browser the count is not
taken into account anymore, as the cookie does not exist in the new
browser opened. This is as per design (1).

Therefore to achieve this implement custom code or find another way to
show the remaining attempts properly.


Additional Information



    Configure HTML Forms Authentication

      If you use the smretries directive in the login.fcc file, the Web
      Agent updates the SMTRYNO cookie in the browser for each failed
      login attempt. This cookie tracks the current number of failed login
      attempts. You can make your login.fcc form intelligent by adding
      javascript that looks for the SMTRYNO cookie then displays a message
      in the login screen itself.