With a SSO login to Spectrum established a SSO connect to CAPC re-challenges when it should not.
Article ID: 101511
Updated On:
Products
CA Single Sign On Secure Proxy Server (SiteMinder)
AXIOMATICS POLICY SERVER
CA Single Sign On SOA Security Manager (SiteMinder)
CA Single Sign-On
Issue/Introduction
We're running SPS, when a user tries to access Spectrum Portal with an
existing session created in SOI application, the SPS request the
user to login again.
We'd like to get the user to login automatically.
The logs shows :
2. [06/08/2018][18:29:34][6594][107916144][ce118406-d218601c-6c4c0407-
0d752d5c-e4c679ea-16][CSmHttpPlugin::ProcessResource][Resolved
URL:
'/affwebservices/redirectjsp/redirect.jsp?SAMLRequest=fZFda8MgGIX%2
FSvA%2BatKSGKkpZaVQ6G76sYvdDGPsGpZo5mu6%2FfxJ2m4dg10Iip5z3vM4m392bX
TWDhprBEowRZE2ytaNeRXosF%2FFDM3LGciuTXu%2BGPzJbPX7oMFHQWiAX24EGpzhV
kID3MhOA%2FeK7xaPG55iyntnvVW2RdECQDsfoh6sgaHTbqfduVH6sN0IdPK%2B54T0
SpvY1zFNOJuwhABYMqaQQxB%2FO1yVKFqGYRoj%2FVjgjwf2Ne4ANy3gN2U7HBZntKB
EHo8fuoKLC5B%2BqNpGXYJCIopW1ik9FhboKFsISeulQC95USW5YkXK6KTKsyxsapYV
eZamesqqaXgGMOi1AS%2BNFyilCYtpFlO2T3KeMj4p8DSjzyh6ulEPjNCVMR%2FF7h7
u%2F2zljQcqf0rPyL1ZeT3%2B%2Fr%2FyCw%3D%3D&RelayState=SsoProductCode
%3Dpc%26SsoRedirectUrl%3Dhttp%3A%2F%2Fmyserver.mydomain.com%2Fmyapp
%26SMPORTALURL%3Dhttp%3A%2F%2Fmyserver.mydomain.com%2Faffwebservice
s%2Fpublic%2Fsaml2sso&SAMLTRANSACTIONID=14fd1531-15237ed5-29403a96-
5f38e1c6-c5c3e37c-04e'.]
3. [06/08/2018][18:29:34][6594][107916144][ce118406-d218601c-6c4c0407-0d
752d5c-e4c679ea-16][CSmHttpPlugin::ProcessSessionCookie][SMSESSION
cookie is custom from a third party and not accepted.]
How can we solve this ?
existing session created in SOI application, the SPS request the
user to login again.
We'd like to get the user to login automatically.
The logs shows :
2. [06/08/2018][18:29:34][6594][107916144][ce118406-d218601c-6c4c0407-
0d752d5c-e4c679ea-16][CSmHttpPlugin::ProcessResource][Resolved
URL:
'/affwebservices/redirectjsp/redirect.jsp?SAMLRequest=fZFda8MgGIX%2
FSvA%2BatKSGKkpZaVQ6G76sYvdDGPsGpZo5mu6%2FfxJ2m4dg10Iip5z3vM4m392bX
TWDhprBEowRZE2ytaNeRXosF%2FFDM3LGciuTXu%2BGPzJbPX7oMFHQWiAX24EGpzhV
kID3MhOA%2FeK7xaPG55iyntnvVW2RdECQDsfoh6sgaHTbqfduVH6sN0IdPK%2B54T0
SpvY1zFNOJuwhABYMqaQQxB%2FO1yVKFqGYRoj%2FVjgjwf2Ne4ANy3gN2U7HBZntKB
EHo8fuoKLC5B%2BqNpGXYJCIopW1ik9FhboKFsISeulQC95USW5YkXK6KTKsyxsapYV
eZamesqqaXgGMOi1AS%2BNFyilCYtpFlO2T3KeMj4p8DSjzyh6ulEPjNCVMR%2FF7h7
u%2F2zljQcqf0rPyL1ZeT3%2B%2Fr%2FyCw%3D%3D&RelayState=SsoProductCode
%3Dpc%26SsoRedirectUrl%3Dhttp%3A%2F%2Fmyserver.mydomain.com%2Fmyapp
%26SMPORTALURL%3Dhttp%3A%2F%2Fmyserver.mydomain.com%2Faffwebservice
s%2Fpublic%2Fsaml2sso&SAMLTRANSACTIONID=14fd1531-15237ed5-29403a96-
5f38e1c6-c5c3e37c-04e'.]
3. [06/08/2018][18:29:34][6594][107916144][ce118406-d218601c-6c4c0407-0d
752d5c-e4c679ea-16][CSmHttpPlugin::ProcessSessionCookie][SMSESSION
cookie is custom from a third party and not accepted.]
How can we solve this ?
Environment
Siteminder Policy Server version 12.52 SP1 on Win2008R2SP1;
CAPC 3.2 and SPS 12.52 on Linux6.9;
CAPC 3.2 and SPS 12.52 on Linux6.9;
Resolution
On Agent ACO "MySPS" for Agent "sps" define
Configure Support for SDK Third-Party Cookies
AcceptTPCookie=yes
instead of
#AcceptTPCookie=yes
and restart the CA Access Gateway (SPS);
Configure Support for SDK Third-Party Cookies
AcceptTPCookie=yes
instead of
#AcceptTPCookie=yes
and restart the CA Access Gateway (SPS);
Feedback
Powered by
