Two factor authentication with SiteMinder Policy Server

Document ID : KB000053407
Last Modified Date : 14/02/2018
Show Technical Document Details

Description

I'm trying to implement two factor authentication in one of our applications.

The first part of authentication is through the FCC, which requires user id and password for entering into the application.

When the users enter id and password, the user should be authenticated and authorized, and again should get a challenge response page (Second level authentication) of entering the mother maiden's name or Date of Birth.

If the user uses the same computer to log in again, the second authentication should not appear, or if the user is trying to access the application from the other system, he/she should be challenged with the second authentication.

Can you please provide me the inputs on how to enable the second factor?

Solution

SiteMinder Policy Server does not provide any authentication scheme chaining out of the Box, but this could be accomplished via a Custom Authentication Schema.

Please note that custom projects are generally out of the scope of SiteMinder support team. On the other hand if you are considering implementing this custom auth scheme on your own and need general guidelines SiteMinder Support can assist with better understanding of how the API works or explanation of our examples provided with the SDK. Unfortunately we will not be able to fix bugs or assist in writing this code for you.