Overview of session sharing with Microsoft Office applications

You can configure WebSEAL to use cookies to maintain client sessions. For security reasons, WebSEAL uses non-persistent cookies. Since Internet Explorer and Microsoft™ Office are only capable of sharing persistent cookies, the Microsoft Office applications cannot share the WebSEAL user session by default.

You can configure WebSEAL to create a short-lived persistent session cookie. This cookie stores an index into a temporary session cache that WebSEAL uses to locate the corresponding session in the standard session cache.

You can configure this temporary cache entry for a single use or multiple uses by WebSEAL. The cache is not shared between WebSEAL instances. Microsoft Office applications can use the persistent cookie to locate the corresponding user session from Internet Explorer.

A request for the /pkmstempsession URI triggers the creation of this temporary session cookie. You can include a target redirect URL in the /pkmstempsession request. WebSEAL redirects the client to this URL when the processing of the /pkmstempsession request is complete. If no redirect URL is provided, WebSEAL returns a default results page to the client.

http://<server>/pkmstempsession?url=<requested_resource>

where:

<server>

The fully qualified host name of the WebSEAL server.

<requested_resource>

The location of the target resource.

For example, a Microsoft Office document: /server/test.doc.

Note: The request resource URL can optionally contain query string arguments. These arguments remain unchanged in the resulting WebSEAL redirect request.

The short-lived persistent cookie is created by sending a request to the /pkmstempsession URI. This cookie creation must occur before the client switches context from WebSEAL to Microsoft Office. See Configure shared sessions with Microsoft Office applications for configuration details of two common use cases in a Microsoft Office environment.