Prevent conflict in multiple SiteMinder environments
Article ID: 103498
CA Single Sign On Secure Proxy Server (SiteMinder)AXIOMATICS POLICY SERVERCA Single Sign On SOA Security Manager (SiteMinder)CA Single Sign-On
Customer has two environment in Japan and US, they are separated, NOT SSO integration. When customer access to both these environment at same time by using one browser, he can't process SSO authentication.
SiteMinder environment which is different in admestic and global environment respectively in a customer environment is used. Although there is no setup of SSO and each does not cooperate directly, since a user uses the application under both environment, a problem will occur in that case.
If domstic and global application are simultaneously opened within the same session (browser window), although authentication and access to global application is possble wihtout a problem, authentication is not possible to domestic application after that. (It does not change from a login page)
CA Single Sign-On (CA SiteMinder) r12.52 SP1 OS: Windows Server 2008 R2 Enterprise
It seems to be duplication of Cookie Domain. Since "jp.ca.net""is a sub-domain of ca.net", when Cookie of a same name is issued in "ca.net" side, the Cookie by the side of "jp.ca.net" will be overwritten.
This seems to be operation depending on a browser. There was a following report as occurring in IE. in this > [measure] > changing the session name can be considered as one of methods for avoiding the condition of this problem.
Related to this, in order to change a session name from SMSESSION by SSO, I think that it will become the method of setting up a security zone and changing a SSOZoneName parameter.