Most solutions use cookie technology. However, when accessing resources over HTTP or HTTPS, some enterprises want alternatives for establishing and maintaining a user session and provide single sign-on with a cookieless solution.
SPS provides an in-memory session store and allows the use of any of the following cookieless session schemes:
The following illustration shows a deployment in which SPS provides a combination of standard sessions using cookies and sessions without cookies:
The deployment shown in the previous illustration provides the following benefits:
Through a set of proxy rules, SPS forwards, or redirects, requests based on the type of device issuing the requests. For example, all initial requests can be directed at SPS, which forwards requests to destination servers based on device types. Browser requests can be redirected to destination servers, and SPS handles wireless requests.
Both standard SiteMinder cookies and cookieless session schemes are employed for maintaining user sessions. Session schemes are assigned based on user agent type for each virtual host. For example, all users accessing the network through web browsers are assigned to a standard cookie session scheme. Users accessing resource through a wireless telephone are assigned to a device ID session scheme.
Through an in-memory session store and the support of multiple session schemes, SPS provides alternatives to cookie-based sessions. SPS maintains session information in the session store and returns a token. This token is exchanged with all transactions, allowing SPS to match the token to the session information captured in the session store.
|
Copyright © 2013 CA.
All rights reserved.
|
|