I have implemented Session Assurance protected realm and am able to login and aquire session info and get access to the resource.
After 5 minuted (the devicedna refresh interval) I get kicked out to login page (login.fcc)
The web page has a JS which POSTs to the server every 2 minutes.
On the third POST, after 6 minutes, I get ValidateReject and redirected to login page.
As per the bookshelf, Session Assurance does not support POST operations, but is it by design that I get kicked out to login page?
What do I miss here?
When I disabled the JS and tried to GET a protected page in the same realm after 6 minutes, I got redirected to uiapp, got the DeviceDNA collected and returned to the original page, as expected.
OS - Win2012 R2
SMPS - 12.52 SP2
CA Directory r12 sp 17
OS: Win 2012 R2
SMSPS: 12.51 sp8
That doesn't look right.
Do you see any explanation to why the user was kicked out from the web agent trace logs & ps trace logs ?
Along with checking the Agent and PS logs & traces, you can also review the current limitations on Session Assurance at the following location:
How to Configure Enhanced Session Assurance with DeviceDNA™ - CA Single Sign-On - 12.52 SP1 - CA Technologies Documentat…
It could be the script making the POSTs is a Web 2.0 app (like Ajax), and therefore explain this behaviour, as the 5 minutes are the DeviceDNA refresh interval. Anyway, if the POSTs are not supported, and you do not have the same behaviour with a GET in such time, you could also test making that script to do GETs instead POSTs just to verify this is not the reason.