Cookie Provider for Impersonation and Federation

book

Article ID: 102870

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction

This question that came up is regarding for two multi-domain situations, where there's a need for using Cookie Provider (CP), first for Impersonation , and, secondly, for Federation. Two separate environments.

Is Cookie Provider supported in the Impersonation and Federation environments? 

Environment

SiteMinder 12.52 Sp2
Agent 12.51 SP1 CR4

Resolution

Cookie Provider (CP) usage for Impersonation and Federation environments, not supported OOB for the above environment.

Impersonation & CP
--------------------------
There's no OOB support / mention in the docs for Cookie Provider for multiple cookie domains with Impersonation. See the below link:
https://docops.ca.com/ca-single-sign-on/12-52-sp2/en/configuring/policy-server-configuration/impersonation/configure-impersonation#ConfigureImpersonation-MultipleCookieDomainSupport 

Federation & CP
---------------------
From the R12.52SP2 product guide: 
https://docops.ca.com/ca-single-sign-on/12-52-sp2/en/release-notes/known-issues-in-release-12-52-sp2/known-issues-for-federation#KnownIssuesforFederation-FederationDoesNotSupporttheCookieProvider(172511) 

Legacy and Partnership Federation Known Issues 
Federation Does Not Support the Cookie Provider (172511) 
CA SiteMinder® Federation produdcts, which use the Web Agent Option Pack, do not support the use of the Cookie Provider for federated configurations.