Custom Agent fails to validate SMSESSION
Article ID: 130535
Updated On:
Products
CA Single Sign On Secure Proxy Server (SiteMinder)
CA Single Sign On SOA Security Manager (SiteMinder)
CA Single Sign-On
Issue/Introduction
We're running SDK Custom Agents and after the Agent Keys rollover the Policy Server,
many Custom Agent fail to validate the SMSESSION cookies.
They report error :
17344 04/01/19 17:11:03 Start-Authentication-xxxxx:
userName=Name Surname, userOsDomain=,
userLdapDn=uid=xxxxx,ou=people,dc=myuserstore,dc=com
17344 04/01/19 17:11:03 environment variable not enabled
17344 04/01/19 17:11:05 Authentication-xxxxx: Failure. Error
message is: Validation failed. Failed to decode token due to an API
failure (SM_AGENTAPI_FAILURE)
How can we solve this ?
many Custom Agent fail to validate the SMSESSION cookies.
They report error :
17344 04/01/19 17:11:03 Start-Authentication-xxxxx:
userName=Name Surname, userOsDomain=,
userLdapDn=uid=xxxxx,ou=people,dc=myuserstore,dc=com
17344 04/01/19 17:11:03 environment variable not enabled
17344 04/01/19 17:11:05 Authentication-xxxxx: Failure. Error
message is: Validation failed. Failed to decode token due to an API
failure (SM_AGENTAPI_FAILURE)
How can we solve this ?
Cause
There's an undocumented known issue where Policy Server could generate
a null character in the key value and as such the Custom Agent cannot
use the key correctly.
a null character in the key value and as such the Custom Agent cannot
use the key correctly.
Environment
SDK Agent 12
Resolution
Compile the SDK Agent with SDK 12.52SP1CR01 or higher to have this fix.
The workaround is to manually roll the Agent Keys with the AdminUI.
The workaround is to manually roll the Agent Keys with the AdminUI.
Feedback
Yes
No
Powered by
