Description:

Customer gets confuse on the concept of Security zone and Cookie Provider.

Solution:

Security Zone:

Single Sign On Security Zones is used to segment application SSO within a single cookie domain.

The Agent will synchronize sessions across domains for only its configured SSO zone.

All application in the same SSO zone allow SSO amongst themselves.

Two single sign-on parameters have been added in the ACO to configure Security Zones: SSOZoneName, SSOTrustedZone.

Refer Chapter - Single Sign-On Security Zones in Web Agent Configuration Guide for more details.

Cookie Provider:

SiteMinder implements single sign-on across multiple cookie domains by passing a user s identity and session information between Web Agents using cookies.

Cookies are passed across the single sign-on environment by the SiteMinder cookie provider.

Therefore, if customer would like to achieve SSO with different domains (CA1.COM, CA2.COM, and so on), customer needs to configure various multi-cookie domain configurations with cookie providers.

Refer Chapter - Single Sign-On (SSO) in Web Agent Configuration Guide for more details.