Forum Discussion
Mike_Maher
Mar 15, 2012Nimbostratus
Steve,
A questions, is the application on the back-end setting cookies to send to the browser, if so ASM will set its own TS cookie to provide protection of the cookie field. I am not sure how it would handle the client not accepting the cookies.
Couple Suggestions
Have you tried just disabling Application Security in the HTTP Class that will essentially turn off ASM functionality and you should be able to rule it in or out of the process.
Another thing you could do when ASM is enabled is in the logging profile under the Web Application, turn on Log All Requests and see if you are seeing the request hit the ASM logs.
Lastly and probably something you will need if you open a case with support, spin up a tcpdump on the front and back end of the ASM and watch the traffic. I assume you will see the request hit the VS but then check and see if the traffic is going out the back end of the ASM towards the servers.
Let us know if any of this helps or if you need clarification on anything.
Mike