|
|
|
When the Identity Provider Discovery Service receives a request for the common domain cookie, the request includes a query parameter named IPDTarget. To protect the IPDTarget query parameter against attacks, there is a new configuration parameter named ValidFedTargetDomain, which lists all valid domains for your federated environment.
When the IPD Service examines the IPDTarget query parameter, it obtains the domain of the URL specified by the query parameter. The IPD Service compares this domain to the list of domains specified for the ValidFedTargetDomain parameter to confirm it is a legitimate domain.
| Copyright © 2011 CA. All rights reserved. | Email CA Technologies about this topic |