We have few apps on the same virtual host, for ex: http:/host/appA http:/host/appB http:/host/appC etc... Policies have been created by the context root and everything works as expetced. However, we have trouble when it comes to certain ACO settings such as IdleTimeoutURL MaxTimeOutURL because they are set for all apps at agent level. Right now, my MaxTimeOutURL is a common page and all users goto the same page, irrespective of the app they are logged in. However, ideally, we would like them to be redirected to same app login page which caused the max time out. I have tried to capturer the referrer using java script., but 30% of the time the referrer is blank sending the user to never ending loop. So the referrer generated by brower is not reliable and consistent. I have created cookie for each policy domain with the name of the app, so my maxtimeoutURL can use the cookie and apply some logic, but unfortunately we use 'HTTPOnly' cookies, making this cookie unavailable for java script. I cant use headers as there are multiple redirects involved. Is there another way I can send app identifying info.(for ex: SM_DOMAIN NAme, or some static cookie)to a HTML page? can variables help? Is it possible to restrict HTTPOnly to SMSESSION ? Appreciate any suggestions.
Not out of the box
Agent name mapping can allowdifferent agents within the same ACO based on hostname or port difference,however if the host / port are always the same you can’t have different valuesfor each app
Possibility include ASP/JSP page for the respective APC parameters, then parse a header or referral headerto determine the app of origin then forward as coded
Thanks, Stepphen. Since my hostname and port are the same, I dont cant use ACO, Thanks for confirming that.
JSP and APC parameters sound more promising. Can you please shed more light on how to do this? Who is creating the header/referral header? Is it the applcation itself or SiteMinder through responses?
Reminder ,My challenge here is to make the SiteMinder static cookie 'app=name of the app' which is httpOnly , to be readable/available for the maxlogoutURL.