|
|
|
Although SOA Security Manager is primarily designed to provide message content-based security for web services, it also provides limited support for SiteMinder session ticket-based session management. A SiteMinder session ticket contains basic information about the user account associated with a request and that user’s authentication information; it can be used to identify the user’s session across all sites in a single sign-on SiteMinder/SOA Security Manager environment.
SOA Agents that have access to HTTP header information can be configured to accept and maintain SiteMinder sessions obtained from session tickets associated with a web service request received over HTTP transport.
SOA Agents that support SiteMinder session ticket validation accept the XMLSDKAcceptSMSessionCookie configuration parameter. For more information, see the SOA Security Manager Agent Configuration Guide.
Note: For more information about SiteMinder user tickets, see the SiteMinder documentation.
| Copyright © 2011 CA. All rights reserved. | Email CA Technologies about this topic |