Policy Server failover took five (5) minutes in Round Robin mode

book

Article ID: 129137

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) AXIOMATICS POLICY SERVER CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction



Multiple Policy Server r12.7 (or 12.8) are configured in Round Robin mode.

In the following scenario with using Web Agent r12.52 SP1 CR8 on RHEL, the second AzAccept took about five (5) minutes.

1. Browser access to a protected page-A.
2. Login as a valid user ID and password.
3. After AuthAccept and AzAccept, the OS of Policy Server #1 shutdown.
4. Browser access to another protected page-B under the same domain as the page-A.
5. AzAccept took about five (5) minutes after the step 4.

Environment

Web Agent R12.52 SP1 CR08
OS: All

Resolution

The cause of the issue is use of blocking socket by Web Agent. Connecting to another Policy Server is taking more time in the scenario.

The fix will be released in future CR for r12.52 SP1 (possibly CR10) to use non-blocking socket.