Web Agent SMSession shared between users within multiple instances

search cancel

Web Agent SMSession shared between users within multiple instances

book

Article ID: 191996

calendar_today

Updated On: 03-26-2025

Products

CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On Agents (SiteMinder) CA Single Sign On Federation (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) SITEMINDER

Issue/Introduction

When running a Web Agent and when user <user1> accesses a resource, then its session gets later used for user <user2>.

Resolution

To prevent SMSESSION to be cached in proxies, the ExpireForProxy and ProxyTrust will help as stated in the documentation (1).

Read carefully the documentation as other parameters are needed to be set along with these.

Further, as there's a Load Balancer, implement the stickiness feature (2).

If possible, to prevent more than 1 IP to use it, implement IP check for the cookie (3)(4).

Additional Information

Configure Agents that Sit behind Proxy Servers
Persistence
Verify IP Addresses
Configure IP Address Validation

Feedback

thumb_up Yes

thumb_down No