CA Access Gateway Not converting NON ASCII characters returned from Response before forwarding it to backend
Article ID: 129764
Updated On:
Products
CA Single Sign On Secure Proxy Server (SiteMinder)
AXIOMATICS POLICY SERVER
CA Single Sign On SOA Security Manager (SiteMinder)
CA Single Sign-On
Issue/Introduction
One of our protected resource is setup with a Response header to return the memberOf Attribute of the user.
Some of these returned Groups contains a NON ASCII characters.
When the AG agent generate the header (after processing the Policy Server Response) and pass it to the backend server (via the proxy engine), the backend is rejecting the request due to these characters not converted to UTF8 .
Some of these returned Groups contains a NON ASCII characters.
When the AG agent generate the header (after processing the Policy Server Response) and pass it to the backend server (via the proxy engine), the backend is rejecting the request due to these characters not converted to UTF8 .
Environment
Release:
Component: SMAPC
Component: SMAPC
Resolution
2 options to resolve the issue on the Access Gateway
** Option 1 -->
Navigate to (sps_home)\proxy-engine\conf and open the SmSpsProxyEngine.properties file
- Add the following in the NETE_SPS_PROXYENGINE_CMD section before the classpath:
-Dhttp_protocol_element_charset="UTF-8" ---) to be added
For example:
NETE_SPS_PROXYENGINE_CMD="%NETE_SPS_JAVA_HOME%\bin\java.exe" -Xms512m -Xmx1024m -XX:MaxMetaspaceSize=256M -Dhttp_protocol_element_charset="UTF-8"
Here UTF-8 is the character set that our noodle client uses while communicating with back end server.
** Option 2 -->
Another alternate setting would be adding http_protocol_element_charset="UTF-8" server.conf file in <Service name="forward"> section.
sample:
<Service name="forward">
class="org.tigris.noodle.Noodle"
# Enables support for multiple protocols if set to true. Currently only
# http and https is supported. If set to false only http is supported.
protocol.multiple="true"
http_protocol_element_charset="UTF-8"
>
** Option 1 -->
Navigate to (sps_home)\proxy-engine\conf and open the SmSpsProxyEngine.properties file
- Add the following in the NETE_SPS_PROXYENGINE_CMD section before the classpath:
-Dhttp_protocol_element_charset="UTF-8" ---) to be added
For example:
NETE_SPS_PROXYENGINE_CMD="%NETE_SPS_JAVA_HOME%\bin\java.exe" -Xms512m -Xmx1024m -XX:MaxMetaspaceSize=256M -Dhttp_protocol_element_charset="UTF-8"
Here UTF-8 is the character set that our noodle client uses while communicating with back end server.
** Option 2 -->
Another alternate setting would be adding http_protocol_element_charset="UTF-8" server.conf file in <Service name="forward"> section.
sample:
<Service name="forward">
class="org.tigris.noodle.Noodle"
# Enables support for multiple protocols if set to true. Currently only
# http and https is supported. If set to false only http is supported.
protocol.multiple="true"
http_protocol_element_charset="UTF-8"
>
Feedback
Yes
No
Powered by
