000025120 - Inter-site SSO fails on Internet Explorer (IE) 7

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000025120
Applies ToAccess Manager 6.0.x
Inter-Site Single Sign-On (ISSO)
Access Manager 4.7 agent
IssueInter-site SSO fails on Internet Explorer (IE) 7
Two domains are configured, A and B for Inter-Site Single Sign-On (ISSO), where domain A act as an ISSO master and B as an slave. When a user tries to access a resource on master Domain A after successfully authentication on Domain B the user is re-prompted to authenticate.
Cause

Internet Explorer 7 blocks the third party cookies with no privacy policy.

Resolution

Here are the steps to make it work.

1) Access domain B first and authenticate as usual.

2) You could see a small spy eye icon at the bottom of the IE browser which appears if it blocks any cookies for a site.

3) Double click on it to see the privacy report. It shows that it is blocking the ClearTrust cookie from domaina.com. At the bottom there is an option to change it to allow cookies from this site. Select this option.

4) Repeat the ISSO use case from slave to master now.  It should now work correctly.

Legacy Article IDa39666

Attachments

    Outcomes