Web Agent SMSession shared between users within multiple instances
search cancel

Web Agent SMSession shared between users within multiple instances

book

Article ID: 191996

calendar_today

Updated On: 03-26-2025

Products

CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On Agents (SiteMinder) CA Single Sign On Federation (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) SITEMINDER

Issue/Introduction


When running a Web Agent and when user <user1> accesses a resource, then its session gets later used for user <user2>.

 

Resolution


To prevent SMSESSION to be cached in proxies, the ExpireForProxy and ProxyTrust will help as stated in the documentation (1).

Read carefully the documentation as other parameters are needed to be set along with these.

Further, as there's a Load Balancer, implement the stickiness feature (2).

If possible, to prevent more than 1 IP to use it, implement IP check for the cookie (3)(4).

 

Additional Information