Programming GuidesProgramming Guide for CAgent APICustom Agents and Single Sign-On › Login Through a Standard Agent

Previous Topic: Login Through a Custom Agent

Next Topic: Memory Deallocation
Login Through a Standard Agent

Here is the typical sequence of events in a single sign-on environment when the initial login is through the standard SiteMinder Web Agent:

  1. User logs in through the standard agent.
  2. Standard agent authenticates the user by challenging the user for credentials through the login call.
  3. SiteMinder creates the SMSESSION cookie in the user's browser and inserts the encrypted token containing session information.
  4. User requests a resource protected by a custom agent.
  5. The custom agent obtains the SMSESSION cookie from the user's request and extracts the token.
  6. The custom agent passes the token to the function Sm_AgentApi_DecodeSSOToken(). The function decodes the token and returns a subset of the token's attributes to the custom agent.
  7. The custom agent obtains the session specification from the token and passes the session specification to Sm_AgentApi_Login(). The login call validates the user without challenging the user for credentials.
  8. User requests a resource protected by a standard SiteMinder agent.
  9. The standard agent performs a login operation, which validates the user based on the contents of the SMSESSION cookie. The user is not challenged for credentials.

Copyright © 2010 CA. All rights reserved. Email CA about this topic