Usage of "ValidTargetDomain" ACO parameter.

book

Article ID: 52598

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) AXIOMATICS POLICY SERVER CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction

Description:

On which server, portal server, authentication server, and cookie provider should we set the "ValidTargetDomain" parameter?

Solution:

The ValidTargetDomain parameter protects Web Agents from phishing attempts that could redirect users to a hostile Web site.

From the documentation, the "ValidTargetDomain" is used during Cookie Credential Collector (CCC) processing.

If you are using a cookie provider, it will be check by it as it is generating the cookie. You do not need to put it on the portal servers.

Environment

Release:
Component: SMAPC