Tags: jsp, authentication, web-applications, xss, siteminder

How to bypass siteminder for url containing single quote?


In my application code I am using this kind of URL to redirect the user from one page to another: http://myhost:8001/myapp/list.jsp?name=abc'd&age=10 Here name is the dynamic field which the user can edit on the first page, and it can contain a single quote.

Now the problem is that when I use SiteMinder for authentication, each and every URL gets passed through it, and SiteMinder treats this single quote as an attack attempt, blocks the URL and takes the user to an access-blocked page.

How can I resolve this issue?


Solution

  • I don't think that URI encoding will work -- SiteMinder is smart enough to figure that out. Some other kind of encoding might, like base64, or just replacing apostrophes with something else and then replacing them back on the server side. Alternatively you can disable the BadCSSChar checking for the apostrophe in the SiteMinder agent configuration. Just beware that you may be opening your site up to XSS attacks, and your application must be responsible for checking any user-supplied strings before displaying them on a Web page.
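One way to do the round trip the answer describes, as an added example that is not the answerer's code: encode the field with URL-safe base64 before building the redirect URL so the query string never carries an apostrophe, decode it on the receiving page, and HTML-escape the decoded value before rendering it. The class and method names are assumptions; the page names only list.jsp and the name/age parameters.

```java
import java.nio.charset.StandardCharsets;
import java.util.Base64;

public class SafeRedirectParam {

    // Encode a user-supplied value with URL-safe base64 (no padding) so the
    // query string contains only [A-Za-z0-9_-]: no apostrophe is present for
    // the agent's BadCSSChar filter to match on.
    public static String encodeParam(String value) {
        return Base64.getUrlEncoder().withoutPadding()
                .encodeToString(value.getBytes(StandardCharsets.UTF_8));
    }

    // Reverse the encoding on the receiving page, e.g. in list.jsp on the
    // value of request.getParameter("name").
    public static String decodeParam(String encoded) {
        return new String(Base64.getUrlDecoder().decode(encoded), StandardCharsets.UTF_8);
    }

    // Build the redirect target; age is numeric and is passed through as-is.
    public static String buildRedirectUrl(String base, String name, int age) {
        return base + "/list.jsp?name=" + encodeParam(name) + "&age=" + age;
    }

    // The decoded value is still user-controlled: escape it before putting it
    // into HTML, which is the check the answer says the application must own
    // once the agent no longer blocks the apostrophe.
    public static String htmlEscape(String s) {
        StringBuilder sb = new StringBuilder(s.length());
        for (char c : s.toCharArray()) {
            switch (c) {
                case '&':  sb.append("&amp;");  break;
                case '<':  sb.append("&lt;");   break;
                case '>':  sb.append("&gt;");   break;
                case '"':  sb.append("&quot;"); break;
                case '\'': sb.append("&#39;");  break;
                default:   sb.append(c);
            }
        }
        return sb.toString();
    }

    public static void main(String[] args) {
        String name = "abc'd";                                   // constructed sample input
        String url = buildRedirectUrl("http://myhost:8001/myapp", name, 10);
        System.out.println(url);                                 // ...list.jsp?name=YWJjJ2Q&age=10
        String back = decodeParam("YWJjJ2Q");
        System.out.println(back.equals(name));                   // true
        System.out.println(htmlEscape(back));                    // abc&#39;d
    }
}
```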