The following article concerns whether it is possible to set up the following environment

• Apache web server with 2 Virtual Hosts
• Each Virtual Host should be able to use its own ACO as well as its own agent and its own policied

To clarify further, this article concerns using separate ACOs for each virtual server, and not just a single ACO with different ACO parameters

Two separate entry channels are needed in this scenario (e.g. example.com and example.net) with different ACO settings

Whether it is possible to set this up will depend on how the web server is configured

• If there is a single Web Server instance (e.g. a single Apache instance or single httpd.conf) then you can only have one ACO defined. Such would be the case if you define several virtual hosts in Apache
• Apache can however create multiple instances within one single install of Apache, and in this case there would be an httpd.conf for each instance of apache. In this situation one could map a unique WebAgent.conf (with a unique ACO) for each httpd.conf. Each httpd.conf could be an independent Web site (e.g. example.conf or example.net)

In summary:

• A virtual host will not support different ACO but Apache instance will.
• The server Path within each WebAgent.conf has to be Unique so the Shared memory and Semaphore do not overlap.
• Running Vhost configuration with separate ACO can cause anomalies.

To SSO between the two domain you will need to configure Security zones or Cookie provider:

All Web Agents can act as a CookieProvider. It is only a matter of designating one to act as the Cookie Provider. Pointing all other Web Agent to that CookieProvider.

For more information see:

Using a Cookie Provider for Cross Domain SSO - CA Technologies

Security Zones for Single Sign-on