ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Deformed response from webserver with webagent enabled


Article ID: 40945


Updated On:


CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On



Intermittently, user with expired SM session is redirected to an error page, instead of the SM login page.

Following error is logged in the Webagent log:

[SmApache22WebFilterCtxt.cpp:530][ERROR][sm-AgentFramework-00070] Input filter pre-fetch read error - 'Content data is not available'

Network trace logged a RST from LTM/F5.



A policy is defined on LTM/F5 to issue a RST when it detected malformed network packet – request/response that does not comply with HTTP Protocol (RFC2616), e.g: blank Content-Type.

We created a python script to POST same data to the webserver and successfully reproduced the deformed responses (blank Content-Type with the first response, followed closely with another response without headers), when Webagent is enabled.

Response from webserver when Webagent is enabled:


<Please see attached file for image>


Response from webserver when Webagent is disabled:


<Please see attached file for image>


Sample python script:


<Please see attached file for image>




Set LegacyStreamingBehavior=yes resolved the issue.

ACO parameter -- LegacyStreamingBehavior specifies how content will be transferred to the server during POST requests.

When the value of this parameter is set to yes, all content types are streamed, except for the following:

- text/xml

- application/x-www-form-urlencoded

When the value of this parameter is set to no, all content types are spooled. 



·         Disable POST preservation data – PreservePostData=no (Web Agent will not preserves POST data when redirecting requests to the login page)

·         Disable the policy on LTM/F5 that checks the HTTP request/response compliance or bypass LTM/F5.


Release: ESPSTM99000-12.51-Single Sign On-Extended Support Plus


1558719413891000040945_sktwi1f5rjvs16vbk.png get_app
1558719412167000040945_sktwi1f5rjvs16vbj.png get_app
1558719410054000040945_sktwi1f5rjvs16vbi.png get_app