Mixed Sessions with IIS: IISCacheDisable not working
search cancel

Mixed Sessions with IIS: IISCacheDisable not working

book

Article ID: 99524

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On SITEMINDER

Issue/Introduction


Some sessions are getting mixed while using NTLM/Kerberos authentication.

The IISCacheDisable ACO has been set, but it isn't effective (1).

The workaround is to use the Default application pool in classic mode instead of integrated.

  1. Does the IISCacheDisable needs further configuration?
  2. Why doesn't it seem to work?
  3. Is there any constraint of using the IIS application pool in Classic mode? The Web Agent is the only component running on IIS.

 

Resolution


To solve this issue:

  1. Implement the "IISCacheDisable" ACO;
  2. Disable the 'Enable Cache' and the 'Enable Kernel Cache' in IIS at the Web Site level;
  3. If there are load balancers or other network devices that have 'Response Caching' enabled, disable it.

 

Additional Information


(1)

    Prevent Caching of Server Responses Containing Cookies
    

 

Powered by Wolken Software