Symantec Access Management

Expand all | Collapse all

IWA and URLs

Jump to Best Answer
  • 1.  IWA and URLs

    Posted 12-04-2015 07:34 PM

    Hi,

     

    I have IWA configured for one of my SPS servers.

     

    Say my SPS server hostname is sps.test.net. However, the SSL Certificate and the URL for this server is sps.test.com

     

    I've deployed and protected a headers.jsp that dumps all headers. I've protected this with the IWA auth scheme.

     

    The issue I'm having is, when I use the hostname in the URL, IWA works fine. for example http://sps.test.net/affwebservices/redirectjsp/headers.jsp , It logs me in fine

     

    But, when I switch to the actual URL, http://sps.test.com/affwebservices/redirectjsp/redirect.jsp , it gives me the NTLM challenge. Doesn't log me in automatically.

     

    Is this a browser setting or am I missing something in the ACO? Or does it have to do something with the cookie domain? I tried setting the cookie domain to .test.com in the ACO, but that didn't help either.

     

    Any suggestions?

     

    Regards,

    Anand.



  • 2.  Re: IWA and URLs
    Best Answer

    Posted 12-05-2015 08:28 PM

    Hi anand3g,

     

    If the Windows authentication scheme is setup with the server name sps.test.net, then the cookie will be generated with cookie domain "test.net", hence the user is not allowed to access http://sps.test.com resources.

     

    You can setup cookie provider to allow single sign-on across different cookie domains.

    For details, please refer to CA SiteMinder® Integrated Documents 12.52 SP1 .