Customer has one app protected by forms auth and another via x509 auth. If we first authenticate by accessing the application protected by forms, we're unexpectedly challenged for authentication by the application protected with x509. We don't see any errors indicating why the first session is not being honored. The expectation is users can access the x509 app without being challenged if they've already visited the app protected with forms auth.
The two applications were in different cookie domains and the cookie provider configuration was invalid.
Release : All
Component : SITEMINDER POLICY SERVER
The designated cookie provider had a cookie provider specified, and this is an invalid configuration. Agents which act as a cookie provider should have no CookieProvider specified.