- One of the most common problems faced by IT departments is multiple user logins
- Single sign-on provides access to heterogeneous web server platforms
- Users only need to authenticate once
– SMSESSIONcookie is passed to other web servers
This postillustrates SiteMinder’s single sign-on functionality. Single sign-on can beimplemented across single and multiple cookie domains. It simplifies the use ofapplications across different servers and platforms. Single sign-on improvesthe user experience because users do not have to re-authenticate as they moveacross a single sign-on environment.
A single domain isan environment where all resources exist in the same cookie domain. MultipleWeb Agents in the same cookie domain can be configured for single sign-on,provided that you specify the same cookie domain in each agent’s configuration.
If single sign-on isenabled, the user authenticates only once. The agent caches the successfulauthentication and issues a single sign-on cookie to the user's browser. Whenthe user accesses protected resources in other realms with the same (or lower)protection level, they do not have to re-authenticate. Also, if the user movesto another Web server within this cookie domain, then the single sign-on cookieprovides session information to allow the user access, provided the protectionlevel rules were maintained.
