I have a query in the following scenario.
1.Agent User logs into a Siteminder protected application.
2. SM authenticates the user and sets the SMSESSION cookie by cookie provider.
3. Agent has the access and hence the user is authorized to access the application.
4. For some transaction Agent needs authorization from his superior(assume that the agent is accessing higher auth level and prompted for login) and here the expected flow is the superior enter his credentials and allow the agent to complete the transaction. In this scenario, existing SMSession will be updated.
5. Having the updated session the agent can access other SSO application. Expectation is the superiors session should expire after some time limits 10 mins and agents session should continue.
What we are checking here is, do we have any way to manage both agent's and superior's session. Assume two different smsession for agent and superior. Can Session store be used here? Is there any other way.
We have R12.52 Sp2 PS Version.