Prevent conflict in multiple SiteMinder environments

Document ID : KB000103498
Last Modified Date : 27/06/2018
Show Technical Document Details
Issue:
Customer has two environment in Japan and US, they are separated, NOT SSO integration. 
When customer access to both these environment at same time by using one browser, he can't process SSO authentication.

SiteMinder environment which is different in admestic and global environment respectively in a customer environment is used. 
Although there is no setup of SSO and each does not cooperate directly, since a user uses the application under both environment, a problem will occur in that case. 

If domstic and global application are simultaneously opened within the same session (browser window), 
although authentication and access to global application is possble wihtout a problem, authentication is not possible to domestic application after that. 
(It does not change from a login page) 
Environment:
CA Single Sign-On (CA SiteMinder) r12.52 SP1
OS: Windows Server 2008 R2 Enterprise 
Resolution:
It seems to be duplication of Cookie Domain. 
Since "jp.ca.net""is a sub-domain of ca.net", when Cookie of a same name is issued in "ca.net" side, the Cookie by the side of "jp.ca.net" will be overwritten. 

This seems to be operation depending on a browser. 
There was a following report as occurring in IE. 
in this 
> [measure] 
> changing the session name can be considered as one of methods for avoiding the condition of this problem. 

Related to this, in order to change a session name from SMSESSION by SSO, I think that it will become the method of setting up a security zone and changing a SSOZoneName parameter. 

Siteminder Session renaming 
https://comm.support.ca.com/kb/siteminder-session-renaming/kb000037286#/ 

Security Zones for Single Sign-on
https://docops.ca.com/ca-single-sign-on/12-52-sp2/en/configuring/web-agent-configuration/security-zones-for-single-sign-on/
Additional Information:
Siteminder Session renaming 

Security Zones for Single Sign-on