ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

CA Access Gateway Not converting NON ASCII characters returned from Response before forwarding it to backend


Article ID: 129764


Updated On:


CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On


One of our protected resource is setup with a Response header to return the memberOf Attribute of the user.
Some of these returned Groups contains a NON ASCII characters.
When the AG agent generate the header (after processing the Policy Server Response) and pass it to the backend server (via the proxy engine), the backend is rejecting the request due to these characters not converted to UTF8 .


Component: SMAPC


2 options to resolve the issue on the Access Gateway 

** Option 1 --> 

Navigate to (sps_home)\proxy-engine\conf and open the file 
- Add the following in the NETE_SPS_PROXYENGINE_CMD section before the classpath: 
-Dhttp_protocol_element_charset="UTF-8" ---) to be added 

For example: 
NETE_SPS_PROXYENGINE_CMD="%NETE_SPS_JAVA_HOME%\bin\java.exe" -Xms512m -Xmx1024m -XX:MaxMetaspaceSize=256M -Dhttp_protocol_element_charset="UTF-8" 

Here UTF-8 is the character set that our noodle client uses while communicating with back end server. 

** Option 2 --> 

Another alternate setting would be adding   http_protocol_element_charset="UTF-8"  server.conf file  in <Service name="forward"> section.

<Service name="forward">

    # Enables support for multiple protocols if set to true. Currently only
    # http and https is supported.  If set to false only http is supported.