Policy Server failover took five (5) minutes in Round Robin mode
Article ID: 129137
Updated On:
Products
CA Single Sign On Secure Proxy Server (SiteMinder)
CA Single Sign On SOA Security Manager (SiteMinder)
CA Single Sign-On
Issue/Introduction
Multiple Policy Server r12.7 (or 12.8) are configured in Round Robin mode.
In the following scenario with using Web Agent r12.52 SP1 CR8 on RHEL, the second AzAccept took about five (5) minutes.
1. Browser access to a protected page-A.
2. Login as a valid user ID and password.
3. After AuthAccept and AzAccept, the OS of Policy Server #1 shutdown.
4. Browser access to another protected page-B under the same domain as the page-A.
5. AzAccept took about five (5) minutes after the step 4.
Environment
Web Agent R12.52 SP1 CR08
OS: All
OS: All
Resolution
The cause of the issue is use of blocking socket by Web Agent. Connecting to another Policy Server is taking more time in the scenario.
The fix will be released in future CR for r12.52 SP1 (possibly CR10) to use non-blocking socket.
The fix will be released in future CR for r12.52 SP1 (possibly CR10) to use non-blocking socket.
Feedback
Yes
No
Powered by
