Detection of Policy Server failure by Web Agent

book

Article ID: 107551

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) AXIOMATICS POLICY SERVER CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction



Web Agent R12.52 SP1 CR06 is connecting to two Policy Servers in Round Robin mode. All are on RHEL.

If one of two Policy Servers gets down, it was supposed that Web Agent reconnected to alive Policy Server after the value of RequestTimeout in HCO (default 60 sec) passed.

However, it was observed that it only took about seven seconds for the reconnection.

What is the specification of Round Robin mode in such situation ?

Environment

Web Agent 12.52 SP1 CR06 / RHEL
Policy Server 12.7 / RHEL

Resolution

This obseravation is the expected behavior since Web Agent r12.51 CR04.

Here is a summary of Connection between Web Agent and Policy Servers.
1. Web Agent polls Policy Server periodically.
2. The connection is created using non-blocking sockets. Web Agent waits up to RequestTimeout before deciding Policy Server is unavailable.

Notes:
Regarding RequestTimeout, the functionality has been changed as per 12.51 CR04 fix 53774 (DE103076).
In CreateConnection function, code is modified to use non-blocking sockets.

As a result, RequestTimeout explanation is as following:
"The RequestTimeout parameter specifies the number of seconds. The trusted host waits up to the value before deciding that a Policy Server is unavailable."