Idea Details

Enable web agent to handle Ajax 302 redirects to validate 3rd party cookie domain

Last activity 05-31-2019 03:48 PM
Amey.Govekar's profile image
08-09-2016 04:00 PM

Applications that are entirely Web 2.0 Ajax based do not handle 302 redirects correctly. Currently the workaround is to adjust the webappclientresponse parameter so that the web agent is informed that an ajax call is being made and changes the response status code from 302 to 200.

 

However once the SessionUpdatePeriod is reached, a call is made to the policy server to update the session in the cookieprovider domain. This then throws an XMLHTTPREQUEST Error that throws

 

XMLHttpRequest cannot load. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin is therefore not allowed access

 

There needs to be a way to account for Ajax requests that are made for applications utilizing 3rd party cookie domains.

 


Comments

10-10-2016 02:25 PM

Thank you for your contribution of an enhancement idea to the CA Community. CA is continually working to improve its software and services to best meet the needs of its customers. Your input is vital to that effort. The CA Single Sign-On Product Management team is reviewing your enhancement suggestion. The Community will continue to be able to vote on this enhancement idea.

08-26-2016 06:22 PM

Have you looked at following options to exclude Ajax request from cookie provider redirect?

 

OverlookSessionForMethods
OverlookSessionForMethodsUri
OverlookSessionForUrls
OverlookSessionAsPattern