Previous Topic: Persistent and Non-persistent Sessions

Next Topic: How SiteMinder Manages User Sessions

Session Tickets

SiteMinder implements session management using session tickets. A session ticket contains basic information about a user and that user's authentication information; it is used to identify the user's session across all sites in a single sign-on SiteMinder environment. Session tickets are encrypted and can only be read/validated by the Policy Server. SiteMinder Web Agents use session tickets to identify users and provide session information to the Policy Server.

The session ticket is handled differently depending upon whether the session is persistent or non-persistent.


Copyright © 2010 CA. All rights reserved. Email CA about this topic