![Previous Topic: SiteMinder's [Basic] Password Services](574.png)
SiteMinder Web Agents can be configured to use persistent cookies. When this option is turned on, the user authenticates once from a particular machine/browser and a permanent record of that authentication is stored in a cookie. Whenever the user accesses the site from the same machine/browser, the user is not authenticated again (though the user is re-validated to ensure that the cookie is still valid).
APS is not involved in the validation process, only in the authentication process. If persistent cookies are to be used, the following functionality of APS will not work properly, since the user's last login date will not be recorded (last login implies authentication). None of these options can be used with persistent cookies.
Since users don't authenticate, there is no last login date upon which to base the calculation.
Since users don't authenticate, there is no last login date upon which to base the calculation.
The detection of this situation occurs during the authentication process, which is not invoked.
The detection of this situation occurs during the authentication process, which is not invoked. Users will not be disabled at the end of their grace period.
APS is not invoked during user validation (which occurs when a persistent cookie is presented), only during authentication. Thus, the above functionality is not operable.
However, Force Change Password and Expired Password (as during the grace period) can still be handled using the AZRedirect capability, since AZRedirect is invoked in all cases. If the site does not use AZRedirect, then APS functionality will only occur during the initial authentication (when the persistent cookie is created) and will never be invoked again.
Of course, voluntary password changes will work correctly, since it does not involve the authentication process.
|
Copyright © 2014 CA.
All rights reserved.
|
|