Difference between SECURITY ZONE and Cookie Provider

book

Article ID: 51520

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction

Description:

Customer gets confuse on the concept of Security zone and Cookie Provider.

Solution:

Security Zone:

Single Sign On Security Zones is used to segment application SSO within a single cookie domain.

The Agent will synchronize sessions across domains for only its configured SSO zone.

All application in the same SSO zone allow SSO amongst themselves.

Two single sign-on parameters have been added in the ACO to configure Security Zones: SSOZoneName, SSOTrustedZone.

Refer Chapter - Single Sign-On Security Zones in Web Agent Configuration Guide for more details.

Cookie Provider:

SiteMinder implements single sign-on across multiple cookie domains by passing a user s identity and session information between Web Agents using cookies.

Cookies are passed across the single sign-on environment by the SiteMinder cookie provider.

Therefore, if customer would like to achieve SSO with different domains (CA1.COM, CA2.COM, and so on), customer needs to configure various multi-cookie domain configurations with cookie providers.

Refer Chapter - Single Sign-On (SSO) in Web Agent Configuration Guide for more details.

Environment

Release:
Component: SMPLC