|
|
|
Most solutions use cookie technology. However, when accessing resources over HTTP or HTTPS, some enterprises want alternatives for establishing and maintaining a user session and provide single sign-on with a cookieless solution.
The SPS provides an in-memory session store and allows the use of any of the following cookieless session schemes:
The following illustration shows a deployment in which the SPS provides a combination of standard sessions using cookies and sessions without cookies:
The deployment shown in the previous illustration provides the following benefits:
Through a set of proxy rules, the SPS forwards, or redirects, requests based on the type of device issuing the requests. For example, all initial requests can be directed at the SPS, which forwards requests to destination servers based on device types. Browser requests can be redirected to destination servers, and the SPS handles wireless requests.
Both standard SiteMinder cookies and cookieless session schemes are employed for maintaining user sessions. Session schemes are assigned based on user agent type for each virtual host. For example, all users accessing the network through web browsers are assigned to a standard cookie session scheme. Users accessing resource through a wireless telephone are assigned to a device ID session scheme.
Through an in-memory session store and the support of multiple session schemes, the SPS provides alternatives to cookie-based sessions. The SPS maintains session information in the session store and returns a token. This token is exchanged with all transactions, allowing the SPS to match the token to the session information captured in the session store.
| Copyright © 2011 CA. All rights reserved. | Email CA Technologies about this topic |