We have few apps on the same virtual host, for ex: http:/host/appA http:/host/appB http:/host/appC etc... Policies have been created by the context root and everything works as expetced. However, we have trouble when it comes to certain ACO settings such as IdleTimeoutURL MaxTimeOutURL because they are set for all apps at agent level. Right now, my MaxTimeOutURL is a common page and all users goto the same page, irrespective of the app they are logged in. However, ideally, we would like them to be redirected to same app login page which caused the max time out. I have tried to capturer the referrer using java script., but 30% of the time the referrer is blank sending the user to never ending loop. So the referrer generated by brower is not reliable and consistent. I have created cookie for each policy domain with the name of the app, so my maxtimeoutURL can use the cookie and apply some logic, but unfortunately we use 'HTTPOnly' cookies, making this cookie unavailable for java script. I cant use headers as there are multiple redirects involved. Is there another way I can send app identifying info.(for ex: SM_DOMAIN NAme, or some static cookie)to a HTML page? can variables help? Is it possible to restrict HTTPOnly to SMSESSION ? Appreciate any suggestions.