Enhance SiteMinder so that using Security Zones with persistent sessions behaves the same as with non-persistent sessions

Idea created by David_Macedo Employee on Apr 15, 2016
    Not planned

    Currently when using security zones you will have separate session cookies and if one zone cookie times out, it does not timeout additional zone cookies. Each zone cookie is able to maintain timeouts individually.


    When you enable persistent sessions, only 1 entry is created in the session store even though you may have multiple zone cookies. When 1 zone cookie times out, the entry is expired in the session store. Now the next time SiteMinder has to validate a different zone's cookie, it will fail as the entry in the session store is expired or removed by housekeeping. This leads to an SMAUTHREASON=40 Failed to update persistent session in Session Services.