We have 2 federated applications , Say A.com and B.com, both are being accessed without any issue separately.
But Suppose I have logged in to A.com and try to access B.com in the next tab of same browser window, we are getting authorization reject message.
Similarly if we have logged in to B.com and try accessing A.com in next tab, we get authorization error.
Authentication in both the cases is happening and both applications are federated application.
Can you suggest something here.
Are both A.com<http://A.com> and B.com<http://B.com> application protected by the same user directory object? Is it the same policy store?
Can you share policy server trace logs where it does AZ reject?
Sent from my iPhone
Both the applications are protected by different user directories but same policy store(as same policy server is in place)
That explains. For this to work, the user directory has to be the same.
Can you please elaborate, as by the time user hit second application there will be a valid smsession in the browser. SSO sees a valid session so using the same session authorization call made against a different directory and it fails...
If same case happen with normal application not the federated one then login page will be thrown and smsession will be getting updated with second application's user directory.
Satyendra, Ujwol's answer is correct, I believe. But, if you still have a problem after making the same user directory for both apps, then please open a case with Support, providing all PS, agent and federation logs and traces.
Thanks, - Vijay