How to configure SSO between 2 SiteMinder environment - Session ticket key?

book

Article ID: 51002

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) AXIOMATICS POLICY SERVER CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction

Description:

In order to have SSO between 2 SiteMinder environments (6x and 12x) you need to have the same session ticket key.
A session ticket is established each time a user authenticates successfully and enables the Policy Server to determine how long a user's session can continue.

Solution:

If you have 1 shared key store you can use a key generated by the policy server.
If you have 2 different key store, you need to manually enter the session ticket key in both environment, the key should be the same. Automatically generated keys cannot be propagated across independent key stores by the Policy Server.

In all other instances it is recommended that you use the session ticket key generated by the Policy Server algorithm.
Note that this algorithm is different depending on the policy server version (6x or r12)

Environment

Release:
Component: SMPLC