Error: Unable to decode SMSESSION cookie in Web Agent traces
search cancel

Error: Unable to decode SMSESSION cookie in Web Agent traces

book

Article ID: 117650

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On SITEMINDER CA Single Sign On Agents (SiteMinder)

Issue/Introduction

Log messages appear in the Web Agent traces log file stating

  "Unable to decode SMSESSION cookie"

and the users are not able to navigate between 2 applications protected by Single Sign On without being prompted for authentication again.

 

Environment

WebAgent Version: 12.52.x.x and 12.8
Policy Server Version: All Supported versions

Cause

For seamless navigation among protected resources, the agents protecting those resources must share the same Agent Keys, used to decrypt the SMSESSION cookie.

 

Resolution

When seeing messages like "Unable to decode SMSESSION cookie" - first check if agent keys are in sync, and also if there might be multiple sets of keys in your SiteMinder Key Store.

 

Powered by Wolken Software