Virtual Appliance integrated with SiteMinder - users have no tasks available

Article Id: 144983

Status: Published

Updated On: 12-02-2020 11:22

Products:

CA Identity Manager , CA Identity Governance , CA Identity Portal , CA Identity Suite

Issue/Introduction:

A new vApp infrastructure was deployed and has been integrated with SiteMinder.

The steps in the following link were used to setup the environment, but this one does not work.
https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-identity-and-access-management/identity-suite/14-2/virtual-appliance/integrating-ca-identity-manager-with-ca-single-sign-on-using-virtual-appliance.html

After authenticating to access the user console, the user is presented with just the header bar of the IM User Console. The rest of the page is blank white space - no attempt to even trying to start to draw the available tasks.

Cause:

In reviewing the webagent-trace.log I see the following messages.

[01/30/2020][09:15:42][24760][140681806825216][1f57bc35-c7a7d6de-8813b22b-977f1d41-2b8b72e0-e93][AuthenticateUser][Validating session 'NtOGp387AJyuJ/EE9vPO6XnEDjE=' for user 'uid=imadmin,ou=people,ou=im,ou=ca,o=com' in zone 'SM'.]
[01/30/2020][09:15:42][24760][140681806825216][1f57bc35-c7a7d6de-8813b22b-977f1d41-2b8b72e0-e93][AuthenticateUser][User 'uid=imadmin,ou=people,ou=im,ou=ca,o=com' is authenticated from cache.]
[01/30/2020][09:15:42][24760][140681806825216][1f57bc35-c7a7d6de-8813b22b-977f1d41-2b8b72e0-e93][AuthorizeUser][User 'uid=imadmin,ou=people,ou=im,ou=ca,o=com' is not authorized by Policy Server.]

Environment:

Release : 14.3

Component : IdentityMinder(Identity Manager)

Resolution:

After review the Siteminder configuration. There was a bad Siteminder rule identified for /iam
After removing this invalid rule for /iam the issue was resolved.