WebAgent 500 errors

book

Article ID: 131572

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) AXIOMATICS POLICY SERVER CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction

Users are getting 500 errors when attempting to access certain protected web pages which have domain authentication on load balanced web servers.  All other portals protected by the same agent are working but authenticate via other user stores. Switching between the 2 nodes works temporarily then failures begin again.

Environment

Release: MSPSSO99000-12.8-Single Sign-On-for Business Users-MSP
Component:

Resolution

Application Request Routing (ARR) was enabled on the IIS web server.  When using ARR, EarlyCookieCommit=yes must be set in the web agent configuration.

ARR changes the internal order of request processing within IIS such that the web agent must set its cookies earlier in the process than when ARR is not used.