i have 2 siteminer applications and both are siteminder protected. Application 2 is launched from Application 1 with Javawcript window.open() and passes some querystring parameters. Application 1 siteminder cookie is scoped to the fqdn , lets say app1.mydomain.com Application 2 siteminder cookie is scoped to mydomain.com i noticed that once the application 1 authenticates user , application 2 does not authenticate the user. is this expected ? what can be done to enforce authentication by application 2?
1
There are 1 best solutions below
Related Questions in AUTHENTICATION
- Authenticate Flask rest API
- Sends a personalised error message from the back-end to the front-end with Nuxt-auth
- How to connect Spotify PKCE Authorization Boilerplate to Login-Button in React
- Laravel SPA auth with Sanctum
- _supabaseClient__WEBPACK_IMPORTED_MODULE_1__.supabase.auth.signIn is not a function
- My openID Authentication return 'You must have either https wrappers or curl enabled.'
- How to detect the Minimization of Custom Chrome Tabs on Android?
- Wordpress redirect to homepage after successfully logged in
- How to modify the prebuilt UI of authentication in aws amplify version 6 in React Native
- Creating a login system for my website, navlist not working?
- Receiving 400 bad request on post when customer auth handler is used
- Creating Azure B2B login system with Vue.js frontend & Python Django backend
- Gradio chatbot: how to export individual conversation histories?
- Set-Cookie header not forwarded by nginx to the client
- git asking for authentication when auth.json is present while running composer update
Related Questions in COOKIES
- Loading Google Analytics after the user consents to cookie usage
- Express session is not seened in server code
- Cookie doesn't send different domain django and react
- Storing settings in cookies
- Cant handle Session's cookie when Safari/iOS
- Create new cookie with host only set to false in chrome extension
- 3rd Party cookies error on deployment server
- Access Cookies in TRPC fetch handler
- My project uses cookiebot but when I accept cookies at the start of website it deletes my localstorage data
- Postman receiving cookie but my browser isn't receiving it when I try
- Nextjs: Ability to fetch HTTPS-ONLY cookies using server actions, is there a vulnerability?
- Cant send cookie at res when user using Safari/iOS
- Initialize a singleton from cookies for a ASP.NET Core Razor project
- JS doesn't put cookies after domain change for localhost
- Unable to set cookies from hosted backend (https://dev.abcd.com) to localhost of frontend
Related Questions in SITEMINDER
- Issues with load balancer with siteminder login issue
- SM Session Authentication issue from Site Minder getting HTML Login Page
- unable to flush/delete cookie after each request
- OAuth2 client - redirect url not allow localhost
- Siteminde policy serveur capacity
- UI application is not opening with VIP URL but UI application is working as expected with Apache HTTPD URL
- How to retrieve SSO CA Siteminder's headers from Spring + React application
- Siteminder Authentication in Single Page Application
- ca siteminder saml sso proxyrule namespace case can not forward
- How to do a logout from SiteMinder session for a Pivotal Cloud Foundry hosted JSP/Servlet application?
- Siteminder and SameSite Cookie attribute
- VBA and Excel: surfing a site bypassing authentication protected by Siteminder
- What will be the Entity ID for my 1 IIS server hosting 2 websites?
- How do I create Request-Header Authentication (Siteminder) java config class
- URL fragment removed by IE after 302 login redirect
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular # Hahtags
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
are you able to see the smsession cookie being passed from app1 to app2 in browser? simple way to check is through developers tool in the browser.
Also check what is the scope of cookie domain in your ACO. for interoperatibility between applications in the same domain it should be usually set to 2. for example for app1 and app2 in .mydomain.com cookie domain scope should be 2 and cookiedomain should be .mydomain.com
Most of the time i have seen this kind of issue is due to invalid or no settings in cookie domain or cookie domain scope in ACO.