ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.
Usage of "ValidTargetDomain" ACO parameter.
Article ID: 52598
Updated On:
Products
CA Single Sign On Secure Proxy Server (SiteMinder)
CA Single Sign On SOA Security Manager (SiteMinder)
CA Single Sign-On
Issue/Introduction
Description:
On which server, portal server, authentication server, and cookie provider should we set the "ValidTargetDomain" parameter?
Solution:
The ValidTargetDomain parameter protects Web Agents from phishing attempts that could redirect users to a hostile Web site.
From the documentation, the "ValidTargetDomain" is used during Cookie Credential Collector (CCC) processing.
If you are using a cookie provider, it will be check by it as it is generating the cookie. You do not need to put it on the portal servers.
Environment
Release:
Component: SMAPC
Component: SMAPC
Feedback
Yes
No
Powered by
