Layer 7 Access Management

Expand all | Collapse all

While accessing 2 applications in the same browser window, we are getting authorization rejection

Jump to Best Answer
  • 1.  While accessing 2 applications in the same browser window, we are getting authorization rejection

    Posted 05-21-2018 01:40 PM

    We have 2 federated applications , Say A.com and B.com, both are being accessed without any issue separately.

    But Suppose I have logged in to A.com and try to access B.com in the next tab of same browser window, we are getting authorization reject message.

    Similarly if we have logged in to B.com and try accessing A.com in next tab, we get authorization error.

    Authentication in both the cases is happening and both applications are federated application.

     

    Can you suggest something here.



  • 2.  Re: While accessing 2 applications in the same browser window, we are getting authorization rejection

    Posted 05-21-2018 05:54 PM

    Are both A.com<http://A.com> and B.com<http://B.com> application protected by the same user directory object? Is it the same policy store?

    Can you share policy server trace logs where it does AZ reject?

     

    Sent from my iPhone



  • 3.  Re: While accessing 2 applications in the same browser window, we are getting authorization rejection

    Posted 05-22-2018 11:37 AM

    Hello Ujwol,

    Both the applications are protected by different user directories but same policy store(as same policy server is in place)



  • 4.  Re: While accessing 2 applications in the same browser window, we are getting authorization rejection
    Best Answer

    Posted 05-22-2018 01:24 PM

    That explains. For this to work, the user directory has to be the same.



  • 5.  Re: While accessing 2 applications in the same browser window, we are getting authorization rejection

    Posted 05-23-2018 08:54 AM

    Hi Ujwol, 

     

    Can you please elaborate, as by the time user hit second application there will be a valid smsession in the browser. SSO sees a valid session so using the same session authorization call made against a different directory and it fails... 

     

    If same case happen with normal application not the federated one then login page will be thrown and smsession will be getting updated with second application's user directory. 

     

    Thanks! Alok



  • 6.  Re: While accessing 2 applications in the same browser window, we are getting authorization rejection

    Posted 05-22-2018 02:45 PM

    Satyendra, Ujwol's answer is correct, I believe. But, if you still have a problem after making the same user directory for both apps, then please open a case with Support, providing all PS, agent and federation logs and traces.

    Thanks, - Vijay