|
|
|
With single sign-on zones, authorization proceeds normally after a successful authentication without change. Once the validation process identifies a valid session, the session is used for the remainder of request processing and any other sessions identified in the request are ignored. If authorization fails, the user is challenged regardless of whether or not other sessions are available that might authorize successfully.
The first trusted session that passes validation is the session passed to authorization. If this session fails authorization, the user is challenged for credentials.
| Copyright © 2010 CA. All rights reserved. | Email CA about this topic |