Does the SiteMinder WebAgent add the Cache Control security header "no-store" by default to all transactions
search cancel

Does the SiteMinder WebAgent add the Cache Control security header "no-store" by default to all transactions

book

Article ID: 235593

calendar_today

Updated On:

Products

CA Single Sign-On

Issue/Introduction

Does the SiteMinder WebAgent add the Cache Control security header "no-store" by default to all transactions.

 

Apache Error.log:

[Thu Jun 10 13:53:30.962452 2021] [http:trace4] [pid 119425] http_filters.c(958): [client 10.90.10.54:60885]   Cache-Control: no-store
[Thu Jun 10 13:53:30.962456 2021] [http:trace4] [pid 119425] http_filters.c(958): [client 10.90.10.54:60885]   Location: /siteminderagent/forms/login.fcc?TYPE=XXXXX&REALMOID=XXXXX-XXXX-XXXXX-XXXX-XXXXXXXXXX&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX&TARGET=-SM-XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
[Thu Jun 10 13:53:30.962471 2021] [http:trace4] [pid 119425] http_filters.c(958): [client 10.90.10.54:60885]   Content-Length: 534
[Thu Jun 10 13:53:30.962473 2021] [http:trace4] [pid 119425] http_filters.c(958): [client 10.90.10.54:60885]   Keep-Alive: timeout=5, max=100

Environment

Web Agent: 12.52 Any Supported Version

Resolution

SitMinder agent does not add the cache control header "no-store" to all the transactions. It will be added only to .fcc pages & logout url as we don not want .fcc pages and logout page to be cached. Pages will be not be cached with no-store header.

Powered by Wolken Software