V-204809
SV-204809r981696_rule
CAT II
The application server must conform to Federal Identity, Credential, and Access Management (FICAM)-issued profiles.
From: Application Server Security Requirements Guide (V4R4)
Description
<VulnDiscussion>Without conforming to FICAM-issued profiles, the information system may not be interoperable with FICAM-authentication protocols, such as SAML 2.0 and OpenID 2.0.
This requirement addresses open identity management standards.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
Check Procedure
Review the application server documentation and configuration to determine if the application server conforms to FICAM-issued profiles.
If the application server does not conform to FICAM-issued profiles, this is a finding.
Fix Text
Configure the application server to conform to FICAM-issued profiles.
CCI Reference
CCI-004085- Created
- 2026-04-07 20:08:11
- Last Updated
- 2026-04-07 20:08:11