Custom HTTP Headers set in a response are not being sent to the back-end web server.  This occurs whether the response is configured within a Domain, Realm, Policy, Rule, or a Global Response and Rule.

PRODUCT: Siteminder

COMPONENT: Policy Server, Web Agent

VERSION: ANY

OPERATING SYSTEM: ANY

HTTP Headers are set by the web agent on the web server.  These are not set on the browser.  As a result the web browser doesn't send an HTTP header with the request. 

The web agent sends the request to the web server.  The web agent intercepts the request and if the Policy and Rule tied to the HTTP header response, then the web agent sets the HTTP Header as part of the request on the web server.  

The custom HTTP Header is only set on requests sent to resources protected by Siteminder.  When you browse to an unprotected resource on the same web server, the HTTPD header is no longer set.

If you are redirected to a remote web server where the resource is not protected by a Siteminder web agent, then the header will not be set.  This is because the HTTP header is not set on the web browser.

If you need to set a custom value in a request sent to web server or web application that isn't running a Siteminder Web Agent, then consider configuring the response to set a Cookie instead of an HTTP header.  A Cookie is set on the browser and sent with each requests that the browser sends to a resource in the same cookie domain as the cookie.