ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Access Gateway adding additional quotes "" in the cookie

book

Article ID: 110034

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction

- Regardless if addquotestocookie was set to YES or NO in the server.conf, if a http header cookie response having an = Character in its value, The Access Gateway Tomcat is double quoting the cookie.
- Example of the Cookie Variable 

WebAgent-HTTP-Cookie-Variable SMTEXT6=joe=test
WebAgent-HTTP-Cookie-Variable SMTEXT=null=Testind_d4_CUA
WebAgent-HTTP-Cookie-Variable SMTEXT5==
WebAgent-HTTP-Cookie-Variable SMTEXT3=nullTestind_d4_CUA
WebAgent-HTTP-Cookie-Variable SMTEXT2=Testind_d4_CUA
WebAgent-HTTP-Cookie-Variable SMTEXT4=null

- -All cookies that has an = Character in the value will be set with double quote. Please see response below

Server: Apache/2.4.29 (Win64) OpenSSL/1.0.2l-fips mod_jk/1.2.42
Set-Cookie: SMTEXT2=Testind_d4_CUA; Domain=.myidp.com; Path=/
Set-Cookie: SMTEXT5="="; Version=1; Domain=.myidp.com; Path=/
Set-Cookie: SMTEXT4=null; Domain=.myidp.com; Path=/
Set-Cookie: SMTEXT3=nullTestind_d4_CUA; Domain=.myidp.com; Path=/
Set-Cookie: SMTEXT="null=Testind_d4_CUA"; Version=1; Domain=.myidp.com; Path=/
Set-Cookie: SMTEXT6="joe=test"; Version=1; Domain=.myidp.com; Path=/



 

Environment

Release:
Component: SMSPS

Resolution

The double quote is being set by Tomcat app server used in the Access Gateway.
You can disable this behavior by following the below steps:

1. Navigate to your "catalina.properties" that can be found under CA\secure-proxy\Tomcat\conf 
2. add the following line to the property file 

org.apache.tomcat.util.http.ServerCookie.ALLOW_HTTP_SEPARATORS_IN_V0 = true 

value true --> Cookies will be set with no double quote if = is present 
False --> cookies will be set with double quote if = is present 

3. restart Access Gateway service