We're running a Web Agent to offer Kerberos Authentication Scheme. We'd like to know if it issupported to have 2 Kerberos Authentication Scheme on the same Web Agent ? The Web Agent acts as cookie provider.
We'd like to know also if this has been tested internally.
At first glance, as this is not a scenario offered in thedocumentation, that might work having probably some customization. Asyou know, we provide out of the box configuration of Kerberos Authentication Scheme.
You should note that we support multiple Kerberos Domains in the samekrb5.conf file. As such, having different instances of Web Agents, youmight probably be able to achieve your goals.
In order to have more concrete experience feedback about this, westrongly suggest you to consult CA Services. This team manage to doimplementation of CA Single Sign-On in companies, and as such, theyare the best positioned to tell you if this specific setting has oncebeen implemented successfully.
To get in touch with CA Services :
Contact CA Serviceshttps://www.ca.com/us/contact/services.html
But here I cannot guarantee you 100% that this will work. In order toget this setting fully QA'd, we'd like you to open and Idea on theSecurity page :
1. Go to the CA Security Overview Page :https://communities.ca.com/community/ca-security/ca-single-sign-on2. Click on the "Actions" drop-down menu and select "Create anidea."3. Give your idea a title and detailed description to encouragevoting.4. Publish and vote on your idea!
KB : KB000112176