SiteMinder Session cookie grace period in API Gateway

search cancel

SiteMinder Session cookie grace period in API Gateway

book

Article ID: 143720

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On Agents (SiteMinder) CA Single Sign On Federation (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) SITEMINDER

Issue/Introduction

When running API Gateway integrated with SiteMinder, how to implement the grace period for the SMSESSION cookie?

Environment

API Gateway 10.0
SiteMinder 12.8

Resolution

At first glance, SiteMinder uses an ACO to control the grace period for the SMSESSION cookie to be renewed, in order to avoid that "the agent waits from the last accessed time of the received session cookie before it generates a new session cookie" (1).

The API Gateway supports only 9 ACO at the moment (2).

This ACO is not available for API Gateway.

Additional Information

Session Grace Period and Update Period Settings
Fetch ACO Properties to the Gateway Policy for Composing SMSESSION Cookie with SSOToken

Feedback

thumb_up Yes

thumb_down No