ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

I don't see IdleTimeout Reason when the Web Agent is configured for webappclientresponse


Article ID: 6958


Updated On:


CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On


I've configured webappclientresponse and idletimeouturl that way in
the Web Agent ACO :

[567/5][Thu May 25 2017 11:58:18]webappclientresponse='Resource=/myurl/*|Method=GET,POST

[567/5][Thu May 25 2017 11:58:18]

I see indeed the redirection going to the mylogin.jsp page, but the reason
is a Challenge, and there's no URL given in the custom response.

  [/myurl/][GET][host01][Redirecting to credential collector '
  [Form template '/home/service/server/apache/conf/custom_web20.xml'
  not found in cache.]
  [Serving form template '/home/service/server/apache/conf/custom_web20.xml'
  from disk.]
  [Form template '/home/service/server/apache/conf/custom_web20.xml'
  stored in cache.]
  [GET][host01][Sending WEB 2.0 custom response (Url '' and Reason 'Challenge')]
  [/myurl/][GET][host01][SM_WAF_HTTP_PLUGIN->ProcessChallenge returned SmExit.]
  [Challenge Manager returned SmExit, end new request.]


  The url you have defined has a wild card and you forget to tell the
  Web Agent to not update the SMSESSION cookie on the resource /myurl/*,
  and this is why you don't see the reason idletimeout. You need to
  specify overlooksessionforurls to get the idletimeout handled and you
  need to set overlooksessionaspattern to handle the wildcard *


Web Agent 12.52SP1CR06 on Apache 2.2 on RedHat


Add the following ACO configuration :


in order to solve the issue and get Reason : idletimeout.

Additional Information

12.52SP1 Documentation:

OverlookSessionAsPattern - Default No 
If enabled, the agent does not create cookies for any of the URLs under the directory that is specified in OverlookSessionForUrls. See Prevent Session Cookie Creation or Updates.

Specifies a list of URLs against which the agent compares the URLs from all HTTP requests. If a match occurs, the agent does not create or update an SMSESSION cookie. See Prevent Session Cookie Creation or Updates.