Administration Guide › Configure SPS to Support the SessionLinker › Configure the SPS to Support the SessionLinker › How the SessionLinker Works › What the SessionLinker Does Not Support
What the SessionLinker Does Not Support
The SessionLinker does not do any of the following tasks:
- Track cookies issued to the user throughout the CA SiteMinder environment. Doing so would require a persistent data store that could be read from and written to by every web server employing SessionLinker. The massive number of reads and writes necessary to support this tracking would require substantial processing power and bandwidth, and is thus unmanageable.
- Destroy the cookies of an existing user when the user logs out of CA SiteMinder. Because the cookies are not being tracked centrally, no mechanism knows which cookies to destroy. In addition, because of the way different web browsers handle cookies, the logout page cannot always determine which cookies the user has received. Finally, SessionLinker does not actually integrate with the CA SiteMinder logout process.
- Terminate the session of an underlying application. To support this function, the SessionLinker would need to know how to terminate sessions in each of the applications – many of which do not have an exposed API to manage sessions. Because applications can be configured to terminate sessions after some amount of idle time, and there is little the overhead in leaving a session active, this function has not been implemented.
SessionLinker accomplishes the linking by preventing the user from presenting an invalid Foreign Session cookie.
Copyright © 2013 CA.
All rights reserved.
|
|