Could the WebAgent skip redirects to the CookieProvider by inspecting the XMLHttpRequest header? We have several applications making large numbers of AJAX calls (jQuery and other API's) that fail when the agent responds with a 302 redirect to the cookieprovider. We have had mixed results using the OverLookSession* parameters in the ACO, and the WebAppClientResponse configuration is not realistic in our environment. It seems like inspecting this header would be an easy way to ignore session updates since all AJAX calls set the header.
As of now , Web Agent has no option to skip redirection to the cookie provider based on the XMLHttpRequest header.
I think that is primarily because it is still not a standard methodology for Ajax data transfers.
It is still possible to implement Ajax without even using the XMLHttpRequest.
Ajax Data Transfer Methods - XMLHttpRequest Alternatives
Currently SiteMinder supports only following configuration to exclude requests from cookie provider redirection:
However, all this said, I think it would still be good idea to have a feature to ignore request based on request headers - XMLHttpRequest being one of them.
Do you mind putting this idea in our idea group or else I will create one for you :