Ask the Expert

Implementing a single sign-on environment while using multiple intranet domains

We are using Netegrity's Siteminder as our portal security solution. We have different Intranet Domains within our organizations. How can I implement a single sign on environment with the existing infrastructure without compromising security?

    Requires Free Membership to View

Netegrity Siteminder supports both single and Multiple domain. In a single domain model, the cookies are generated using a cookie domain which is used by all the applications to authenticate a user in that domain.

In an environment that includes resources located across multiple cookie domains, SiteMinder implements SSO across multiple cookie domains using a cookie provider. The cookie provider, which is a specially configured SiteMinderAgent, passes a cookie that contains the user?s identity and session information to other cookie domains in the SSO site. The user can then authenticate across the entire site. If the user?s browser is missing this cookie, the cookie provider sets it.

Within the SSO site, users are only challenged for identification upon their first attempt to access a resource. After they are authorized and authenticated, users can move freely between different realms that are protected by authentication schemes of an equal or lower protection level without re-entering their identification information.

Also, checkout Netegrity's WebSite for Case Studies at: http://www.netegrity.com

This was first published in December 2001

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: