Previous Topic: Search User DirectoriesNext Topic: Named Expressions


Universal IDs

A Universal ID (UID) is a customer-specific user identifier to any application that is under CA SiteMinder® control. UIDs are often different from user login names.

UIDs allow CA SiteMinder® to bridge the gap between new applications and legacy applications or to avoid changes in underlying user repositories. The goal is to make the process of delivering this ID to applications automatic, regardless of the number or types of applications. For example, a company may have legacy applications that look up user information according to an employee ID number. Since the Policy Server uses a login name to identify a user in a directory, the UID provides a means for the Policy Server to identify the user, while still collecting the employee ID number from a user directory for use by other applications.

When you configure a user directory connection in the Administrative UI, you can specify a UID in the User Attributes group box on the User Directory pane.

More information:

How to Configure a CA Directory User Directory Connection

How SiteMinder Uses UIDs

When you configure a user directory connection with a UID, once a user logs into CA SiteMinder®, the Policy Server fetches the UID from the designated attribute in the user’s directory profile.

This value is placed in the session ticket (SESSIONSPEC) and returned to the requesting CA SiteMinder® Agent. Web Agents make this value available to web-based applications in a header variable (HTTP_SM_UNIVERSALID). This value can be passed to applications or objects designed using the Agent API to validate the session ticket or to ask for an authorization. In either case the UID is returned as part of successful outcome.