Mixed Sessions wih IIS : IISCacheDisable not working


Article ID: 99524


Updated On:


CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On


In production environment we noticed that we are able to mix session
while using NTLM/Kerberos authentication.  We were able to reproduce
in a lower environment.

Following the following tech note we could use the IISCacheDisable ACO
but is not effective.


We have a workaround by using the Default application pool in classic
mode insead of integrated.

1. Can you let us know if we can use the IISCacheDisable alone and why
   i is not effective in our environment ?
2. Is there any constraint of using the IIS application pool in
   Classic mode ? The WebAgent is the only component running on IIS.


  Webagent 12.52SP1CR04 on IIS 8.5 - Windows 2012 R2 
  Policy Server 12.52SP1CR04 on Redhat Linux 6 


1. Implement the "IISCacheDisable" ACO 

2. Consider disabling 'Enable Cache' and 'Enable Kernel Cache' in IIS
   at the Web Site level.

3. If there are load balancers or other network devices which have
   'Response Caching' disable it.