search cancel

Two Applications on Single Web Server


Article ID: 128112


Updated On:


CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On


Is it possible to have two Applications on one Server with one Web Agent?

We have an Application Team that is trying to lower their footprint and would like to co-locate two of their Applications on one server. Is a Web Agent able to handle two applications at once?  If so, how would I go about that?


Release: MSPSSO99000-12.8-Single Sign-On-for Business Users-MSP


Yes, Web Agents can protect an unlimited number of applications on a single host.  This is driven by how a Web Agent determines whether a resource is protected or not. 

The Web Agent uses a combination of the requested URI and the resolved AgentName to make an IsProtected call to the Policy Server.  The Policy Server uses this information to match the request to a Realm.  If no match, or a match with an unprotected Realm, the resource is considered unprotected and the Web Agent will allow the request to proceed.  If there is a match with a protected realm, the Policy Server returns the Realm information to the Web Agent to allow the Web Agent to authenticate and authorize the user before allowing access to the resource.

The Web Agent resolves the AgentName based on the incoming request's HTTP_HOST header.  The Web Agent will attempt to match this host to a defined AgentName.  If no match with a defined AgentName, the request will resolve to the DefaultAgentName.  

Thus, any unique combination of AgentName (or DefaultAgentName) and request URI can be protected with a unique realm.  This allows separate applications to have their own protection levels, authentication schemes, and session properties such as timeout values.