

Michael_Jenkins
May 21, 2015

WEBSSO - Forms Client Initiated not executing after first try

I've got an SSO profile set up for an application to do a client-initiated forms login for /index.php. This is working fine the first time a user goes into the application. The SSO gets set, JavaScript injected, and the form gets posted successfully and the response is a 302 redirect to another page (we'll say /index.php/sub/page). After this I'll see in the APM logs the message "SSOv2 Logon failed, config /Common/[SSO_NAME] form login" even though the user logs in successfully.

In the SSO profile, I've got the Logon detection set to check redirect URI for /index.php/sub/page, so it should be seeing that in the Location header of the response.

Fast forward to a point where the user times out or logs out of the application without logging out of their APM session. When they are redirected back to the same login page, the SSO profile does not execute at all, so the user sees the login page.

I figured out that if I remove the Logon detection from the SSO profile, it will work every time. It's just when that logon detection fails that for some reason it doesn't try anymore. Adding WEBSSO::enable doesn't make a difference either.

Anybody experience this before, or have thoughts on why the SSO would stop even checking after a single perceived failure?

1 Reply

  • Hi Michael,

    When SSO fails it is disabled for the rest of that session. This is to protect against locking accounts out on the backend and getting into SSO loops.

    If you can identify why you are getting the SSO failure in the first place it will fix the "fast forward" issue you are having.

    Regards,

    Seth
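
As an aid to the reply's advice to find why detection fails, here is an added example (not part of the thread and not F5's matching logic): a helper that takes the Location value captured from the backend's 302 and the value configured for logon detection, and lists how the two differ. It assumes a literal string comparison; the function name, host name and sample Location values are constructed for illustration.

```python
from urllib.parse import urlsplit

# Value configured for logon detection in the post above.
CONFIGURED = "/index.php/sub/page"


def mismatch_reasons(location: str, configured: str = CONFIGURED) -> list[str]:
    """Return the ways a captured Location header differs from `configured`.

    Assumption: the comparison is a literal string match. An empty list
    means the two strings are identical.
    """
    if location == configured:
        return []
    loc = urlsplit(location)
    reasons = []
    if loc.scheme or loc.netloc:
        reasons.append("absolute-url")      # scheme and/or host precede the path
    if loc.query:
        reasons.append("query-string")      # e.g. a session token appended
    if loc.fragment:
        reasons.append("fragment")
    if loc.path != configured:
        if loc.path.rstrip("/") == configured.rstrip("/"):
            reasons.append("trailing-slash")
        elif loc.path.lower() == configured.lower():
            reasons.append("case")
        else:
            reasons.append("different-path")
    # Anything left over (e.g. stray whitespace) is still a mismatch.
    return reasons or ["other"]


if __name__ == "__main__":
    # Constructed Location values, standing in for what a packet capture
    # or response log of the backend's 302 might show.
    samples = [
        "/index.php/sub/page",
        "https://app.example.com/index.php/sub/page",
        "/index.php/sub/page?sid=abc",
        "/index.php/sub/page/",
        "/index.php/login",
    ]
    for value in samples:
        print(f"{value!r}: {mismatch_reasons(value) or 'match'}")
```
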