Expand my Community achievements bar.

Enhance your AEM Assets & Boost Your Development: [AEM Gems | June 19, 2024] Improving the Developer Experience with New APIs and Events
SOLVED

siteminder header value

Avatar

Level 3

Hi,

I am not sure if this is the correct place to ask. I am using CA siteminder for authentication. So after successful login I am supposed to get logged in user name from siteminder header. So if the target url is a Jboss application the in HttpServletRequest object request.getHeader("sm_user") returns an encrypted value. whereas if I target url is CQ5 application page then on that page slingRequest.getHeader("sm_user") returns unencrypted value of user name. Can anyone tell me why this happening?

Thanks

-Dipen-

1 Accepted Solution

Avatar

Correct answer by
Level 10

Might there is custom authentication handler implemented to decrypt OR siteminder might have configured to not encrypt for cq requests. 

View solution in original post

2 Replies

Avatar

Correct answer by
Level 10

Might there is custom authentication handler implemented to decrypt OR siteminder might have configured to not encrypt for cq requests. 

Avatar

Level 3

Solved... Had to configure siteminder not to encrypt the header values.