Symantec Access Management

  • 1.  SMSESSION cookie is not updated with R12 SP3 CR12 IIS webagent

    Posted Oct 13, 2013 08:04 PM

    This problem is happening on an IIS 7.5 web server on Windows 2008 R2 running in Integrated pipeline mode with the IIS webagent (sm-wa-iis-12.0-sp3-cr012-win64).

    == PROBLEM DESCRIPTION ==
    The user session expires as the idle timeout sets in, even though the user is still active within the session.

    == ANALYSIS ==
    From the webagent trace, we noted that the existing session is validated and a new SMSESSION cookie is generated. But the Set-Cookie is not happening on the client browser (inspected through a Fiddler trace).
    Hence the user is logged out as the idle timeout (30 minutes) is reached.

    The SMSESSION cookie is updated accordingly as we switched to Classic pipeline mode.

    == CONCLUSION ==
    The setRemoteUser and IgnoreQueryData ACO parameters seem to toggle the behaviour. With those disabled, the SMSESSION cookie is updated accordingly.

    A development fix is available for the CR12 release.
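
Added example, not part of the original posts or of the web agent: a check for the symptom described in the analysis above, run over a browser-side capture. It assumes the Fiddler trace has been exported as HAR; the function names and the sample capture are constructed for illustration.

```python
from datetime import datetime, timedelta

IDLE_TIMEOUT = timedelta(minutes=30)   # idle timeout quoted in the thread
COOKIE = "SMSESSION"

def _ts(entry):
    # HAR timestamps are ISO 8601; map a trailing "Z" for older fromisoformat()
    return datetime.fromisoformat(entry["startedDateTime"].replace("Z", "+00:00"))

def _refreshes(entry):
    # True if the response the browser received carries Set-Cookie: SMSESSION=<token>
    for h in entry["response"].get("headers", []):
        if h["name"].lower() != "set-cookie":
            continue
        name, _, rest = h["value"].partition("=")
        value = rest.split(";", 1)[0]
        # Assumption: a LOGGEDOFF value marks a logout, not a session refresh
        if name.strip() == COOKIE and value not in ("", "LOGGEDOFF"):
            return True
    return False

def _presents(entry):
    return any(c["name"] == COOKIE for c in entry["request"].get("cookies", []))

def stale_requests(har, idle_timeout=IDLE_TIMEOUT):
    """Requests that presented SMSESSION more than idle_timeout after the
    last SMSESSION the browser actually received."""
    last, stale = None, []
    for e in sorted(har["log"]["entries"], key=_ts):
        now = _ts(e)
        if _presents(e) and last is not None and now - last > idle_timeout:
            stale.append((e["request"]["url"], now - last))
        if _refreshes(e):
            last = now
    return stale

def sample_har(refresh_every_response):
    # Constructed capture: login at 10:00, then activity every 7 minutes.
    def entry(minute, first=False):
        set_it = first or refresh_every_response
        return {
            "startedDateTime": "2013-10-13T10:%02d:00.000Z" % minute,
            "request": {"url": "https://app.example.test/page%d" % minute,
                        "cookies": [] if first else [{"name": COOKIE, "value": "x"}]},
            "response": {"headers": [{"name": "Set-Cookie",
                                      "value": "SMSESSION=tok%d; path=/" % minute}]
                         if set_it else []},
        }
    return {"log": {"entries": [entry(0, True)] + [entry(m) for m in (7, 14, 21, 28, 35)]}}
```

For a real capture, pass the result of `json.load()` on the exported HAR file to `stale_requests()`; an empty list means every active period was covered by a cookie refresh that reached the browser.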



  • 2.  RE: SMSESSION cookie is not updated with R12 SP3 CR12 IIS webagent

    Posted Oct 14, 2013 07:34 PM
    Just adding my findings after more testing:
    -- the problem persists with "setRemoteUser=yes" and ignoreQueryData disabled
    -- if I enable the setRemoteUser parameter and remove the remote user response from the SiteMinder policy / remove the SiteMinder policy from the realm, the SMSESSION cookie is updated accordingly
    -- the same problem is observed with the R12.5 CR2 webagent


  • 3.  RE: SMSESSION cookie is not updated with R12 SP3 CR12 IIS webagent

    Posted Oct 15, 2013 11:48 AM
    Thanks for the tip! :grin:

    wonsa03 wrote:

    This problem is happening on an IIS 7.5 web server on Windows 2008 R2 running in Integrated pipeline mode with the IIS webagent (sm-wa-iis-12.0-sp3-cr012-win64).

    == PROBLEM DESCRIPTION ==
    The user session expires as the idle timeout sets in, even though the user is still active within the session.

    == ANALYSIS ==
    From the webagent trace, we noted that the existing session is validated and a new SMSESSION cookie is generated. But the Set-Cookie is not happening on the client browser (inspected through a Fiddler trace).
    Hence the user is logged out as the idle timeout (30 minutes) is reached.

    The SMSESSION cookie is updated accordingly as we switched to Classic pipeline mode.

    == CONCLUSION ==
    The setRemoteUser and IgnoreQueryData ACO parameters seem to toggle the behaviour. With those disabled, the SMSESSION cookie is updated accordingly.

    A development fix is available for the CR12 release.