Web Agent :: Ajax returns 302 code as it should not
search cancel

Web Agent :: Ajax returns 302 code as it should not


Article ID: 133617


Updated On:


CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On Agents (SiteMinder) CA Single Sign On Federation (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On SITEMINDER



We're running a Web Agent and one application running Ajax code
returns 302 code to the Web Page when it should not.

How can we solve this ?




At first glance, to handle Web 2.0 code as Ajax, you need to implement
the Web Agent ACO parameter :


as per documentation here :

  Apply CA Single Sign-On Behavior to a Web Application Client

   Some web applications use script engines, which execute in the
   context of a Web browser, to request resources and display
   content. Similar to requests standard web browsers send, the
   requests originating from the script engine can trigger
   Agent-generated behavior, such as HTTP redirects or challenges.

   Unless properly integrated with the web application, this behavior
   can result in the web application client reaching an indeterminate

   The web application client response (WebAppClientResponse) ACO
   parameter lets you:

   - Configure CA Single Sign-On to identify requests originating from
     the script engine that is executing in the context of the Web

   - Use a customized response to integrate CA Single
     Sign-On-generated behavior, including a challenge, with the
     functionality of the web application client.

   - Configure the response format for requests from Web 2.0 resources
     (AJAX and other API-based calls) at the global level. 

   - Configure a global response to the web application clients to reduce the need to
     configure request/responses at each Web Agent level manually. 

   If you are using the WebAppClientResponse parameter to integrate the
   session management features, such as idle or session timeouts,
   configure the OverLookSessionFor ACO parameter also. While the
   OverLookSessionFor parameters prevent web application client
   requests from keeping user sessions active indefinitely, the
   WebAppClientResponse parameter lets you integrate the required
   functionality to redirect users after a session timeout.