AnsweredAssumed Answered

Webagent not creating correct SMSESSION cookie domain

Question asked by dmt953 on Jul 14, 2018
Latest reply on Jul 16, 2018 by Hubert Dennis

We recently made some numerous experimental ACO configuration changes for the Federation Services Domain ACO to test inbound SAML SSO authentication and now noticing that the web agent for the federation services domain will now only create SMSESSION cookie for the primary domain.


The Apache web server for the Federation Services has three domains:


domain 1=

domain 2 =

domain 3 =


Users POST SAML assertion to:  after successful SAML authentication, the web agent creates the SMSESSION cookie for domain, but now when the users POST SAML assertion to: then after successful SAML authentication, instead of creating the SMSESSION cookie, it still create the domain cookie.


I tried playing around with the "CookieDomain" ACO parameters but this did not seem to make any difference.


Much appreciate your help as always!