Forum Discussion
Arnaud_Lemaire
May 25, 2016Employee
you have a new option for policy in V12 : Profile Scope
This setting prevents a malicious user from establishing a session using one virtual server, and then using that same session to access, potentially without further authentication, another virtual server and the resources behind it.
Profile Gives a user access only to resources that are behind the same access profile. This is the default value.
Virtual Server Gives a user access only to resources that are behind the same virtual server.
Global Gives a user access to resources behind any access profile that has global scope
If you are in a version below maybe you can use sso multi domain support with cookies restricted to host name.