I have a problem with SiteMinder and your help is really needed.
I have an application which is protected by CA SiteMinder.
The problem is: when a user clicks on "logout", he is still logged in to this application. I am really thinking about a problem at the level of the cookie management. Have you any advice please or an idea about this problem?
Thanks for your ideas and help.
Also this: https://communities.ca.com/thread/241730186
Thanks a lot Ujwol.
I saw this in my previous research but the problem is when I search for SMSESSION cookies, it was in "logged off" mode.
Can you capture the Fiddler trace and share for review?
this is captured when I disconnect.
I am quite sure that I have the same problem as in this publication https://www.ca.com/us/services-support/ca-support/ca-support-online/knowledge-base-articles.tec529319.html
Do I need to modify the configuration of the web agent to no caching mode?
Have you a guide please on the different steps to change it (the file's name)?
Thanks a lot
If you had the same issue as that article, you would not see the set-cookie response - as in that issue the content of the logout.html page is never sent to the webserver it is retrieved from the local client cache - and so the webserver never has the chance to send the set-cookie.
So if you're seeing a set-cookie for LOGGEDOFF then you are past that issue!
But that set-cookie should replace your existing SMSESSION cookie - it can fail to do this if the domain= sections are different than the original set-cookie domain for SMSESSION.
And on your next request to the protected resource it should send the SMSESSION=LOGGEDOFF to the server.
But if you are still able to access the resource, then it will be cached, or if it sends the older value for SMSESSION then the set-cookie command to LOGGEDOFF didn't work.
But the latter steps in Fiddler should show what is happening.
Cheers - Mark
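The domain check described in the reply above can be run against the two Set-Cookie headers taken from a trace. This is an added example, not part of the original thread and not CA code; the host name and cookie values are constructed, and it compares the name, domain and path that RFC 6265 uses to decide whether a new cookie overwrites a stored one.

```python
# Added example: compare the login and logout Set-Cookie headers for SMSESSION.
# Host name and cookie values below are constructed sample data.

def parse_set_cookie(header, request_host, request_path="/"):
    """Return the fields a browser uses to store one Set-Cookie header value."""
    pair, *attrs = [p.strip() for p in header.split(";")]
    name, _, value = pair.partition("=")      # value may itself contain '='
    domain, path = request_host.lower(), None  # no Domain attribute: host-only
    for attr in attrs:
        key, _, val = attr.partition("=")
        key, val = key.strip().lower(), val.strip()
        if key == "domain" and val:
            # RFC 6265: ignore one leading dot, compare case-insensitively
            domain = (val[1:] if val.startswith(".") else val).lower()
        elif key == "path" and val.startswith("/"):
            path = val
    if path is None:
        # RFC 6265 default-path: request path up to its right-most '/'
        cut = request_path.rfind("/")
        path = request_path[:cut] if cut > 0 else "/"
    return {"name": name.strip(), "value": value.strip(),
            "domain": domain, "path": path}


def logout_replaces_session(login_header, logout_header, host, logout_path="/"):
    """True only if the logout cookie overwrites the login cookie in the jar."""
    login = parse_set_cookie(login_header, host)
    logout = parse_set_cookie(logout_header, host, logout_path)
    mismatched = [k for k in ("name", "domain", "path") if login[k] != logout[k]]
    return (not mismatched), mismatched


HOST = "app.example.test"  # constructed host name
LOGIN = "SMSESSION=abc123==; Domain=.example.test; Path=/; HttpOnly"
LOGOUT_BAD = "SMSESSION=LOGGEDOFF; Domain=.app.example.test; Path=/"
LOGOUT_GOOD = "SMSESSION=LOGGEDOFF; Domain=.example.test; Path=/"

if __name__ == "__main__":
    for label, hdr in (("mismatched", LOGOUT_BAD), ("matching", LOGOUT_GOOD)):
        ok, diff = logout_replaces_session(LOGIN, hdr, HOST)
        print(label, "-> replaces session cookie:", ok, "differs in:", diff)
```

When the function reports a difference, the browser stores LOGGEDOFF as a second cookie and keeps sending the original SMSESSION value.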
Exactly, the domain parameter is not the same as in the SMSESSION login cookie.
In another environment, I don't have this problem and I have the same value of domains in Login and Logout cookies.
Please provide the full Fiddler trace. If you can't provide it here, open a support case and upload it to the case for review.
This is definitely something very simple to fix.
Thanks a lot to both of you.
I will raise a CA ticket with the Fiddler trace.