ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Custom Agent fails to validate SMSESSION


Article ID: 130535


Updated On:


CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On


We're running SDK Custom Agents and after the Agent Keys rollover the Policy Server, 
many Custom Agent fail to validate the SMSESSION cookies. 

They report error : 

  17344 04/01/19 17:11:03 Start-Authentication-xxxxx: 
  userName=Name Surname, userOsDomain=, 

  17344 04/01/19 17:11:03 environment variable not enabled 

  17344 04/01/19 17:11:05 Authentication-xxxxx: Failure. Error 
  message is: Validation failed. Failed to decode token due to an API 

How can we solve this ?


There's an undocumented known issue where Policy Server could generate
a null character in the key value and as such the Custom Agent cannot
use the key correctly.


SDK Agent 12


Compile the SDK Agent with SDK 12.52SP1CR01 or higher to have this fix.

The workaround is to manually roll the Agent Keys with the AdminUI.