Secure Proxy Server Product Limitations

The following conditions apply to the SPS:

SPS is not a plug-in to another Web server. The SPS is a fully supported, stand-alone server.
The SPS does not support local content. The ability to place content on the SPS is not exposed, and the SPS does not support proxy rules for providing access to local content.
SPS does not support having the Web server on the same system as the SPS. If the two are set up on the same system, the Web server is accessible from the Internet. Security is not sure with this configuration.
The SPS provides its own session storage. However, the session store has no public APIs for use as a general session server.
In some enterprises that use the SPS, destination servers can also have SiteMinder web agents or application server agents installed. When policies for the SPS agent are inconsistent with policies for the agent installed on the destination server, the SPS can pass responses back to the invoking client. Because the SPS does not provide warnings about inconsistencies in processing such policies, use care when setting up SiteMinder policies in such environments.
The SPS makes a new request to the destination server for every request that it receives. All caching directives are ignored.
In the simple-url session scheme, SPS does not rewrite URLs embedded in or resulting from JavaScript.
The simple_url session scheme does not preserve the POST data when posting to a protected resource.