CA SiteMinder® Federation Standalone Guide › Delegated Authentication › How the Third Party WAM Passes the User Identity

How the Third Party WAM Passes the User Identity

The third-party WAM system can use one of two methods to pass a federated user identity to CA SiteMinder® Federation Standalone:

• Using a legacy cookie or open format cookie.

  The open format cookie can be encrypted to ensure the security of the data.

• Using a query string appended to a redirect URL that sends the browser to CA SiteMinder® Federation Standalone.

  The query string is sent in clear text, and it does not produce a FIPS-compliant partnership.

  Important! Do not use the query string method in a production environment. The query string redirection method is only for a testing environment as a proof of concept.

The method a third-party WAM system chooses depends on the configuration it wants to establish for passing a user identity to CA SiteMinder® Federation Standalone.

The methods of passing the user identity are detailed in the following sections.