We have a reverse proxy server and some backend web servers. Web Agent has been installed on each server and the cookie domains are different between the reverse proxy server for extranet access and backend web servers in intranet.
Do we need a cookie provider for the cross-domain single sign-on between them?
No, you don’t need it.
The SMSESSION cookie received by the reverse proxy server is passed to the backend web servers as a part of HTTP request header variables. Backend web servers can receive SMSESSION cookies from the reverse proxy server without cookie provider.
SMSESSION cookies are processed again on the backend web servers. If you would like to reduce the CPU load, please consider to use the ProxyAgent and ProxyTrust parameters in Agent Configuration Objects.