When running a Web Agent, what is the problem with Ajax calls?

When will the Web Agent update the SMSESSION cookies when Ajax applications are protected and if the REST API calls are also Ajax calls?

 
The  Web Agent handles only HTTP protocol requests (1). 

The Ajax code is a Web 2.0 protocol, which is different from HTTP protocol (2)(3).

That stated, the Web Agent will not be aware of the use of the XMLHttpRequests and data exchanges with the server, as they aren't traditional Web Pages as explained in the links above.

As such, if the browser stays on the same page permanently, the SMSESSION cookie won't get renewed, even if the user uses the page permanently. Then the Session Status won't represent the user activity and vice-versa.

For that reason, the Web Agent offers the ACO Parameter WebAppClientResponse (4).

Further, REST protocol uses operation as GET, PUT, POST etc. as traditional Web pages, and thus, these calls can be caught by the Web Agent.

Ajax is different, as it's concentrated on data exchanges (5).

1. What is HTTP?
   
   
2. What is AJAX?
   
   
3. AJAX Introduction
   
   
4. Apply SiteMinder Behavior to a Web Application Client
   
   
5. Is AJAX a Rest api