Symantec Access Management

Hi,

If there are multiple tabs opened in a browser (e.g., IE) and the user accesses SiteMinder protected application in one of the tab. Then instead of clicking LOGOUT button on application page, user simply closes the tab and tries to open the application on new tab which takes him directly to the application and not to SiteMinder login page.

The requirement in above scenario is to present SiteMinder login page.

I think this is something to be taken care of at the application end to kill the application session and redirect to the application URL protected by SiteMinder.

Please let me know if my understanding is correct. If not, please let me know how the above requirement can be achieved?


Thanks,
Chenna

Please talk to your account team about a custom module:

Limit Concurrent Login

this might help.


Sincerely,
Josh Perlmutter
CA Technologies SiteMinder Support
SiteMinder Team Line: 800-CALL-CAI (225-5224)
My Working Hours: 8 AM to 4 PM US Eastern Time
Center Hours: 8 AM to 8 PM US Eastern Time

Hi Josh,

Thanks for the reply.

Users are not accessing concurrently in our case.

User authenticates to the application in one of the tab having different other applications in other tabs within the browser window. User closes the tab and tries to access the same application in another tab within the same browser window.

Please clarify does the module handle above case.


Thanks,
Chenna
Mob: 9739653021

Hi Chenna,

The “Limit Concurrent Login” module limits a user to one concurrent login.


Why are cookies saved if I close a tab but keep the browser open?

If you click New Window, New Tab, or Duplicate Tab on the File menu, or click on a desktop shortcut, the new tab or window will share session cookies with the original tab. This is called “session merging.”

Proper support for Session Merging is important because most web applications are written to expect it. For instance, when a web application opens a popup window, it usually does so with the expectation that the popup window will share cookies with the main window, so that the user will remain logged in and their preferences will remain available, etc. Similarly, when the user uses the Duplicate Tab command, they reasonably expect the new tab to show them the same content as the original tab-- sharing cookies is critical for that scenario to work correctly.

IE8 and up:

Simply click the New Session item on the File menu, and a new browser window will open. The new browser window will not share session cookies with the original browser window.

SMSession cookies (SiteMinder cookies) are cleared when the browser is closed (all tabs and exit the browser).

Regards,
Peter

From: CA Security Global User Community (Distributed) [mailto:CommunityAdmin@communities-mail.ca.com]
Sent: Friday, April 12, 2013 4:24 AM
To: mb.2253364.100760883@myca-email.ca.com
Subject: [CA SiteMinder General Discussion] RE: How session is removed in case of accessing application in tab windows?

Hi Josh,

Thanks for the reply.

Users are not accessing concurrently in our case.

User authenticates to the application in one of the tab having different other applications in other tabs within the browser window. User closes the tab and tries to access the same application in another tab within the same browser window.

Please clarify does the module handle above case.


Thanks,
Chenna
Mob: 9739653021
Posted by:Chenna
--
CA Communities Message Boards
100763423
mb.2253364.100760883@myca-email.ca.com<mailto:mb.2253364.100760883@myca-email.ca.com>
http://communities.ca.com

Thanks Peter


Regards,
Chenna