SMsession can't be validated cross siteminder instances.
Article ID: 188654
Updated On:
Products
CA Single Sign On Secure Proxy Server (SiteMinder)
CA Single Sign On Agents (SiteMinder)
CA Single Sign On Federation (SiteMinder)
CA Single Sign On SOA Security Manager (SiteMinder)
SITEMINDER
Issue/Introduction
We are setting up two siteminder nodes which are pointing to two different policy store but shared session store.
The configuration within policy store of both siteminder nodes are almost same , apart from certain host object and aco.
Now we can set up access gateway to create SMsession against each node , and the validation against the same node has no issue.
But the validation against the other node doesn't work.
The same setup to have different policy store but same session store works on our old production environment.
And it was design to provide HA and also keep the policy deployment separately.
Environment
Release : 12.8.03
Component : SITEMINDER -WEB AGENT FOR APACHE
Resolution
To make it work - the key store should be shared as well.
Both nodes have to connect to same key store and then re-register all the web agent to make sure the new keys were distributed.
Both nodes have to connect to same key store and then re-register all the web agent to make sure the new keys were distributed.
Feedback
Yes
No
Powered by
