Virtual Appliance integrated with SiteMinder - users have no tasks available

book

Article ID: 144983

calendar_today

Updated On:

Products

CA Identity Manager CA Identity Governance CA Identity Portal CA Identity Suite

Issue/Introduction

A new vApp infrastructure was deployed and has been integrated with SiteMinder.

The steps in the following link were used to setup the environment, but this one does not work.
https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-identity-and-access-management/identity-suite/14-2/virtual-appliance/integrating-ca-identity-manager-with-ca-single-sign-on-using-virtual-appliance.html

After authenticating to access the user console, the user is presented with just the header bar of the IM User Console. The rest of the page is blank white space - no attempt to even trying to start to draw the available tasks.

 


Cause

In reviewing the webagent-trace.log I see the following messages.
 
[01/30/2020][09:15:42][24760][140681806825216][1f57bc35-c7a7d6de-8813b22b-977f1d41-2b8b72e0-e93][AuthenticateUser][Validating session 'NtOGp387AJyuJ/EE9vPO6XnEDjE=' for user 'uid=imadmin,ou=people,ou=im,ou=ca,o=com' in zone 'SM'.]
[01/30/2020][09:15:42][24760][140681806825216][1f57bc35-c7a7d6de-8813b22b-977f1d41-2b8b72e0-e93][AuthenticateUser][User 'uid=imadmin,ou=people,ou=im,ou=ca,o=com' is authenticated from cache.]
[01/30/2020][09:15:42][24760][140681806825216][1f57bc35-c7a7d6de-8813b22b-977f1d41-2b8b72e0-e93][AuthorizeUser][User 'uid=imadmin,ou=people,ou=im,ou=ca,o=com' is not authorized by Policy Server.]

Environment

Release : 14.3

Component : IdentityMinder(Identity Manager)

Resolution

After review the Siteminder configuration.   There was a bad Siteminder rule identified for /iam
After removing this invalid rule for /iam the issue was resolved.
Powered by Wolken Software