When WPA4.1.0-36 (tested), and the only using sso-only with with the defaults SSO polling (3 min) and all the rest like AM. It seems that every access to the URL always issues a /sessionservice even when the "ttl: 180" is seen
2018-05-23 20:51:45.825 +0800 DEBUG [0x7f73b17fa700:4401][source/process.c:1117] validate_policy(): get session cache status: success
2018-05-23 20:51:45.825 +0800 WARNING [0x7f73b17fa700:4401] validate_policy(): validate policy did not find a match for 'http://openam.forgerock.com:6800/index.html' in the cached entries, retrying with a new request to the policy service
2018-05-23 20:51:45.825 +0800 DEBUG [0x7f73b17fa700:4401][source/process.c:1117] validate_policy(): get session cache status: try again
2018-05-23 20:51:45.826 +0800 DEBUG [0x7f73b17fa700:4401][source/net_ops.c:790] send_session_request(): sending 706 bytes to http://openam.forgerock.com:8080/openam/sessionservice
This is not an issue if one do no use sso-only and the session cache is used.
Performance issue. This is see with the WPA 4.1.0-36 agent on Nginx and also Apache 2.4