Second AdminUI behind reverse proxy doesn't recognize SMSESSION cookie
search cancel

Second AdminUI behind reverse proxy doesn't recognize SMSESSION cookie


Article ID: 218344


Updated On:


SITEMINDER CA Single Sign On Agents (SiteMinder)



When setting a new second AdminUI behind an already existing and
protecting AdminUI Reverse Proxy, after authentication, the new
AdminUI doesn't seem to recognize the SMSESSION cookie and as such,
the admin user needs to login manually in the out of the box AdminUI
Form Authentication Scheme.




  AdminUI 12.8SP5 on RedHat 7;
  Policy Server 12.8SP5 on RedHat 7;




There are limitations when setting Web Agent on Reverse Proxy to
protect AdminUI. If setting a second AdminUI protected by Apache
Reverse Proxy Web Agent, then the Web Agent should run on a distinct
and separated Apache Reverse Proxy instance (1). This implies a
separated and distinct Web Agent (2).

Install and configure separated Web Agent and Apache Reverse Proxy to
protect the second AdminUI 12.8SP5 to solve the issue.


Additional Information



    Configure an Apache Reverse Proxy Server to Proxy Requests to the UI

      If you have more than one Administrative UI to protect, protect each
      instance with a separate reverse proxy server.


    How to Set Up Virtual Server Support

      Although you configure only one Web Agent per web server, [...]