ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Prevent conflict in multiple SiteMinder environments


Article ID: 103498


Updated On:


CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On


Customer has two environment in Japan and US, they are separated, NOT SSO integration. 
When customer access to both these environment at same time by using one browser, he can't process SSO authentication.

SiteMinder environment which is different in admestic and global environment respectively in a customer environment is used. 
Although there is no setup of SSO and each does not cooperate directly, since a user uses the application under both environment, a problem will occur in that case. 

If domstic and global application are simultaneously opened within the same session (browser window), 
although authentication and access to global application is possble wihtout a problem, authentication is not possible to domestic application after that. 
(It does not change from a login page) 


CA Single Sign-On (CA SiteMinder) r12.52 SP1
OS: Windows Server 2008 R2 Enterprise 


It seems to be duplication of Cookie Domain. 
Since """is a sub-domain of", when Cookie of a same name is issued in "" side, the Cookie by the side of "" will be overwritten. 

This seems to be operation depending on a browser. 
There was a following report as occurring in IE. 
in this 
> [measure] 
> changing the session name can be considered as one of methods for avoiding the condition of this problem. 

Related to this, in order to change a session name from SMSESSION by SSO, I think that it will become the method of setting up a security zone and changing a SSOZoneName parameter. 

Siteminder Session renaming 

Security Zones for Single Sign-on

Additional Information

Siteminder Session renaming 

Security Zones for Single Sign-on