Customer getting SMSESSION=LOGGEDOFF resulting in 401 intermittently, and this happens before the actual session timeout.
The observation was not correct and the user's session was expiring at the expected time. The application in which the user was working is able to automatically re-authenticate the user if challenged during a GET request, however, the application could not handle the same during a POST request, and thus the intermittence (users were simply not noticing their session expiration unless the first request after expiration happened to be a POST request).
Release : 12.8
Component : SITEMINDER SECURE PROXY SERVER
Since a http 401 web server response is expected in this circumstance, the customer is altering the application to retry the POST request when this situation occurs.