Error: Unable to decode SMSESSION cookie in Web Agent traces
search cancel

Error: Unable to decode SMSESSION cookie in Web Agent traces

book

Article ID: 117650

calendar_today

Updated On: 10-18-2023

Products

CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On SITEMINDER CA Single Sign On Agents (SiteMinder)

Issue/Introduction

 

Log messages appear in the Web Agent traces log file stating

  "Unable to decode SMSESSION cookie"

and the users are not able to navigate between 2 applications protected by Single Sign On without being prompted for authentication again.

 

Cause

 

For seamless navigation among protected resources, the agents protecting those resources must share the same Agent Keys, used to decrypt the SMSESSION cookie.

 

Resolution

 

When seeing messages like "Unable to decode SMSESSION cookie" - first check if agent keys are in sync, and also if there might be multiple sets of keys in your SiteMinder Key Store.