We are looking to establish the following:
Apache -- 2 vhosts -- both pointing to their own ACO setting with their own agent and Policies as well.
NOTE: We need separate ACO and not just AgentName with 1 ACO. We have 2 separate entry channels (domain1.com and Domain2.com) and they need to have different ACO settings.
It is dependent on how the web server is configured if it's a single Web Server instances e.g. Apache Instance (single httpd.conf) you could only have one ACO configured.
Apache we can create multiple instances of Apache using a single install of Apache. Thus, there is an httpd.conf per instance of Apache.
We could now map a unique WebAgent.conf (with a unique ACO in each) to each httpd.conf. Each httpd.conf could be an independent WebSite (e.g. abc.com or xyz.com).
NOTE:
- A virtual host will not support different ACO but Apache instance will.
- The server Path within each WebAgent.conf has to be Unique so the Shared memory and Semaphore do not overlap.
- Running Vhost configuration with separate ACO can cause anomalies.
To SSO between the two domain you will need to configure Security zones or Cookie provider:
All Web Agents can act as a CookieProvider. It is only a matter of designating one to act as the Cookie Provider. Pointing all other Web Agent to that CookieProvider.
For more info:
Using a Cookie Provider for Cross Domain SSO - CA Technologies
http://www.ca.com/us/support/ca-support-online/product-content/knowledgebase-articles/tec456839.aspx
For more info:
Security Zones for Single Sign-on
https://docops.ca.com/ca-single-sign-on/12-52-sp1/en/configuring/web-agent-configuration/security-zones-for-single-sign-on