

Cookieless Session Scheme in a Federation Environment

Because SPS has built-in handling of cookieless session schemes, it can be deployed in environments where the user agent, such as a wireless device, does not support traditional SiteMinder cookies.

If you deploy SPS in a SiteMinder federation security services environment, the following process is enforced when a user request is received:

  1. SPS receives a request for a federated resource. The request is directed to the Federation Web Services (FWS) application at the site producing assertions.
  2. SPS checks whether cookieless federation is enabled for the virtual host requesting the redirect.
  3. If a cookieless scheme is being used, SPS removes the session key (SMSESSION cookie) for the current session.
  4. SPS sends the user to the link provided by the FWS redirect.

If SPS is using a rewritable session scheme, such as the simple_url session scheme, SPS rewrites the redirect response to include the session key information in the redirected URL.