Description:

After upgrading CA ControlMinder to version 12.8 it is not possible to log in, even if using a correct username and password. After hitting the enter button, the initial login screen comes back blank. This document reports how to solve this problem.

Solution:

In version 12.8, JBOSS requires the connectors to be defined with the emptySessionPath tag defined to true in the server.xml file available at:

<<jboss-4.2.3.GA>>\server\default\deploy\jboss-web.deployer

In the XML file you will find several entries for emptySessionPath. For instance:

<Connector SSLEnabled="true" URIEncoding="UTF-8" clientAuth="false" emptySessionPath="true" keyAlias="entm" keystoreFile="C:\jboss4.2.3.GA\server\default\deploy\IdentityMinder.ear\custom\ppm\truststore\ssl.keystore" keystorePass="secret" maxThreads="150" port="18443" protocol="HTTP/1.1" scheme="https" secure="true" sslProtocol="TLS"/>

<Connector URIEncoding="UTF-8" acceptCount="150" address="${jboss.bind.address}" connectionTimeout="20000" disableUploadTimeout="true" emptySessionPath="true" enableLookups="false" maxHttpHeaderSize="8192" maxThreads="250" port="18080" protocol="HTTP/1.1" redirectPort="8443"/>

<Connector address="${jboss.bind.address}" emptySessionPath="true" enableLookups="false" port="18009" protocol="AJP/1.3" redirectPort="8443"/>

Make sure you add emptySessionPath="true" for any connector if it is not available.

After this change perform the following steps

1. Stop Jboss Service
2. Delete tmp and work folder from <<jboss-4.2.3.GA>>\server\default
3. Delete all the logs from <<jboss-4.2.3.GA>>\server\default\log
4. Start Jboss Service

This problem was not present in previous versions of ControlMinder, where the emptySessionPath tag was not necessary. The upgrade process from 12.X to 12.8 does not add it directly to the entries in server.xml and hence this problem appears.