CA Single Sign On Secure Proxy Server (SiteMinder)AXIOMATICS POLICY SERVERCA Single Sign On SOA Security Manager (SiteMinder)CA Single Sign-On
Issue/Introduction
This question that came up is regarding for two multi-domain situations, where there's a need for using Cookie Provider (CP), first for Impersonation , and, secondly, for Federation. Two separate environments.
Is Cookie Provider supported in the Impersonation and Federation environments?
Environment
SiteMinder 12.52 Sp2 Agent 12.51 SP1 CR4
Resolution
Cookie Provider (CP) usage for Impersonation and Federation environments, not supported OOB for the above environment.
Impersonation & CP -------------------------- There's no OOB support / mention in the docs for Cookie Provider for multiple cookie domains with Impersonation. See the below link: https://docops.ca.com/ca-single-sign-on/12-52-sp2/en/configuring/policy-server-configuration/impersonation/configure-impersonation#ConfigureImpersonation-MultipleCookieDomainSupport
Federation & CP --------------------- From the R12.52SP2 product guide: https://docops.ca.com/ca-single-sign-on/12-52-sp2/en/release-notes/known-issues-in-release-12-52-sp2/known-issues-for-federation#KnownIssuesforFederation-FederationDoesNotSupporttheCookieProvider(172511)
Legacy and Partnership Federation Known Issues Federation Does Not Support the Cookie Provider (172511) CA SiteMinder® Federation produdcts, which use the Web Agent Option Pack, do not support the use of the Cookie Provider for federated configurations.