Working of WebAgent ACO parameter-AllowCacheHeaders.
search cancel

Working of WebAgent ACO parameter-AllowCacheHeaders.

book

Article ID: 51531

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction

Description

The ACO parameter -AllowCacheHeaders tells the Web Agent how to handle cache-related request headers. Specifically, this settings tells the Agent whether or not it should remove the if-modified-since or if-none-match request headers before the Agent passes a request to the web server where it is installed. The action taken by the Web Agent affects whether or not a browser uses cached pages.

Solution

The AllowCacheHeaders attribute tells the Web Agent how to handle cache-related request headers. Specifically, this settings tells the Agent whether or not it should remove the if-modified-since or if-none-match request headers before the Agent passes a request to the web server where it is installed. The action taken by the Web Agent affects whether or not a browser uses cached pages.

*************************************************************************
To enable cached headers set the parameter- AllowCacheHeaders=yes in ACO for the WebAgent.
*************************************************************************

Steps to validate working of AllowCacheHeaders=yes:
======================
  1. Request a protected resource (here /dummy/hello.html)
    GET http: //www2.netelectronics.com/dummy/hello.html
  2. Redirect to credential collector
    HTTP/1.1 302 Object Moved
Cache-control: no-store
Location: http://www2.netelectronics.com:8181/siteminderagent/forms/login.fcc
  3. After successful login user is allowed access to the originally requested resource. 
    This is served with an HTTP 200
 
GET http: //www2.netelectronics.com/dummy/hello.html HTTP/1.1
    HTTP/1.1 200 OK
Content-Length: 129
Content-Type: text/html
Content-Location: http://www2.netelectronics.com/dummy/hello.html
  4. Now, when the browser is refreshed the page /dummy/hello.html is served with an HHTP 304 which is served from the browser's cache. 
    HTTP/1.1 304 Not Modified
     Content-Location: http://www2.netelectronics.com/dummy/hello.html

So here we see that subsequent requests to a protected resource are served with an HTTP 304 from the browser's cache.

***************************************************************************
To Disable cached headers set the AllowCacheHeaders=NO in ACO for the WebAgent.
***************************************************************************

Steps to validate working of AllowCacheHeaders=NO:

  1. Request a protected resource (here /dummy/hello.html)
    GET http: //www2.netelectronics.com/dummy/hello.html HTTP/1.1
  2. Redirect to credential collector 
    HTTP/1.1 302 Object Moved
Cache-control: no-store
Location: http://www2.netelectronics.com:8181/siteminderagent/forms/login.fcc
  3. After successful login user is allowed access to the originally requested resource.
    This is served with an HTTP 200.
    GET http: //www2.netelectronics.com/dummy/hello.html HTTP/1.1 

    HTTP/1.1 200 OK
Content-Length: 129
Content-Type: text/html
Content-Location: http://www2.netelectronics.com/dummy/hello.html
  4. Now, when the browser is refreshed the page /dummy/hello.html is served with an HHTP 200 i.e. the browser makes a request to the web server. A fresh copy of the resource is served no matter whether the resource is cached in the browser or not. 
    HTTP/1.1 200 OK
Content-Length: 129
Content-Type: text/html
Content-Location: http://www2.netelectronics.com/dummy/hello.html

Environment

Release:
Component: SMIIS
Powered by Wolken Software