Web Agent configuration behind Reverse Proxy altering host/protocol/port


Article ID: 374309


Products

CA Single Sign On Agents (SiteMinder), CA Single Sign On Secure Proxy Server (SiteMinder), SITEMINDER

Issue/Introduction


When running a Web Agent, how do you integrate it with a front-end Reverse Proxy that doesn't run a Web Agent?

There are concerns about:

  1. How to make the backend Web Agent set the target to the value of the front-end Reverse Proxy?
  2. How to make the backend Web Agent set the cookie domain to that of the front-end Reverse Proxy?
  3. The web application has iframes pointing to different backend servers, which causes problems with handling third-party cookies, cross-domain requests, SameSite, etc.

Resolution


The main challenge is the Authentication.

The answer is to put a Web Agent in the Reverse Proxy.

The Reverse Proxy Web Agent will then handle authentication, including the cookie domain and the target.

The backend Web Agent will just validate the SMSESSION cookie and authorize the user accordingly.

Still, there will be a need to configure the Reverse Proxy rules manually to get the request redirected to the expected backend server.

The configuration of the URL rewriting as well as the cookie domains will still need to be done manually too.
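
The manual proxy rules, URL rewriting and cookie-domain mapping mentioned above, shown for an Apache httpd front end. This is an added example, not configuration from the original article or from the product; the choice of Apache httpd and every hostname, port, path and file name below are assumptions.

```apache
# Constructed example: all hostnames, ports, paths and certificate files are placeholders.
# Requires mod_proxy, mod_proxy_http, mod_headers and mod_ssl.
<VirtualHost *:443>
    ServerName portal.example.com
    SSLEngine on
    SSLCertificateFile    /etc/httpd/tls/portal.example.com.crt
    SSLCertificateKeyFile /etc/httpd/tls/portal.example.com.key

    # Reverse proxy only: never relay arbitrary forward-proxy requests.
    ProxyRequests Off

    # Proxy rules: map each public path to the backend server that serves it.
    # Publishing every backend under one public host also keeps content
    # loaded in iframes on the same site as the parent page.
    ProxyPass        /app1/ http://app1.internal.example.net:8080/app1/
    ProxyPass        /app2/ http://app2.internal.example.net:8080/app2/

    # URL rewriting: backend redirects carry the backend host, protocol and
    # port in the Location, Content-Location and URI response headers.
    # ProxyPassReverse maps them back to the public URL so the browser is
    # never sent to an internal address.
    ProxyPassReverse /app1/ http://app1.internal.example.net:8080/app1/
    ProxyPassReverse /app2/ http://app2.internal.example.net:8080/app2/

    # Cookie domains: rewrite the Domain attribute of Set-Cookie headers
    # issued by the backends to the domain the browser actually sees.
    ProxyPassReverseCookieDomain app1.internal.example.net portal.example.com
    ProxyPassReverseCookieDomain app2.internal.example.net portal.example.com

    # Pass the original protocol and port to the backends. "set" overwrites
    # any value supplied by the client, so these headers cannot be spoofed
    # from outside. mod_proxy_http adds X-Forwarded-For, X-Forwarded-Host
    # and X-Forwarded-Server on its own.
    RequestHeader set X-Forwarded-Proto "https"
    RequestHeader set X-Forwarded-Port  "443"
</VirtualHost>
```

Each new backend needs its own ProxyPass, ProxyPassReverse and ProxyPassReverseCookieDomain lines, which is the maintenance cost of the manual approach.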

Meanwhile, there's a more scalable solution for such an architecture.

Putting a CA Access Gateway (SPS) in place as the Reverse Proxy will not only allow you to handle the cookie domain and target correctly, but will also let you manage and integrate new functionality if needed in the near future (1).

The simplest architecture to solve the browser issues and ease maintenance is to use a CA Access Gateway (SPS) as the Reverse Proxy.

The CA Access Gateway (SPS) runs an embedded Web Agent that takes care of handling the cookie domain, as well as setting the target as expected (2)(3).

 

Additional Information