Getting default SSO password change pages instead of custom
search cancel

Getting default SSO password change pages instead of custom

book

Article ID: 191537

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On Agents (SiteMinder) CA Single Sign On Federation (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) SITEMINDER

Issue/Introduction


We're running a Web Agent and when user tries to gets the Custom
Authentication Scheme to change its password, it gets the default
Siteminder page instead of the Custom one.

What could be the cause ?

Environment


Web Agent 12.52SP1CR09 on Apache 2.4;

Cause


We see that the embedded element in the page are protected and
as such, Web Agent has no way to deliver the Custom Authentication
page :

WebAgentTrace.log :

    [03/23/2020][11:55:23][11212][41][CSmHttpPlugin.cpp:690][CSmHttpPlugin::ProcessResource]
    [0000000000000000000000008b72c347-2bcc-5e78959b-0029-5ac021f1][*10.0.0.1][]
    [mywebagent][/myforms/mylogin.fcc?TYPE=33554433&REALMOID=0
    6-r4554s552-4sff-9444-sweasss5544545&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-k
    qcy%2bcTUDmuIJ%2bO63gexsxHREUqSgaflxPKOzpmFUwVtrI6VU%2b8AZdjQUrfTr%2fY7NbIs20eJIjJF1FcFf
    iXtTIW8r3viX0Af&TARGET=-SM-https%3A%2F%2Fmyappserver.mydomain.com%2Fmyapp][][Autoauth
    orizing
    URL :
    'https://test1.extranet.hydro.com/myforms/mylogin.fcc?TYPE=33554433&REALMOI
    D=06-r4554s552-4sff-9444-sweasss5544545&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-S
    M-sdkjahjdshhhrehhasds4sa4456s4ad564e11w21ew1ZdjQUrfTr%2fY7NbIs20eJIjJF1F
    cFfiXtTIW8r3viX0Af&TARGET=-SM-https%3A%2F%2Fmyappserver.mydomain.com%2Fmyapp'
    , Method: 'GET' ]

    [03/23/2020][11:55:23][11212][41][CSmFormTemplateCache.cpp:196][CSmFormTemplateCache::
    GetForm][][][][][][][Serving
    form template '/myforms/mylogin.fcc' from
    cache.]

    [03/23/2020][11:55:27][11212][43][CSmSessionManager.cpp:126][CSmSessionManager::EstablishSession]
    [0000000000000000000000008b72c347-2bcc-5e78959f-002b-df5f5322][*10.0.0.1][]
    [mywebagent][/favicon.ico][][SM_WAF_HTTP_PLUGIN->EstablishSession
    returned SmNoAction.]

    [03/23/2020][11:55:27][11212][43][CSmLowLevelAgent.cpp:503][IsResourceProtected]
    [0000000000000000000000008b72c347-2bcc-5e78959f-002b-df5f5322][*10.0.0.1]
    [][mywebagent][/favicon.ico][][Resource is protected from Policy Server.]

    [03/23/2020][11:55:27][11212][43][CSmHttpCredCore.cpp:1971][CSmHttpCredCore::DoFormsChallenge]
    [0000000000000000000000008b72c347-2bcc-5e78959f-002b-df5f5322][*10.0.0.1][]
    [mywebagent][/favicon.ico][][Redirecting
    to credential collector
    '/myforms/mylogin.fcc?TYPE=33554433&REALMOID=06-b564d94b-1f46-4f7f-9113-
    ec2e227b2e8a&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-kqcy%2bcTUDmuIJ%2bO63gex
    sxHREUqSgaflxPKOzpmFUwVtrI6VU%2b8AZdjQUrfTr%2fY7NbIs20eJIjJF1FcFfiXtTIW8r3viX0Af&
    TARGET=-SM-https%3A%2F%2Fmyappserver.mydomain.com%2Ffavicon%2eico'.]

    [03/23/2020][11:55:27][11212][43][CSmFormTemplateCache.cpp:196][CSmFormTemplateCache::GetForm]
    [][][][][][][Serving form template '/myforms/mylogin.fcc' from cache.]

WebAgent.log :

    [11192/5][Mon Mar 23 2020 09:36:41] ignoreext='.class,.gif,.jpg,.jpeg,.png,.fcc,.scc,.sfcc,.ccc,.ntc,.css'.
    [11192/5][Mon Mar 23 2020 09:36:41] localization='no'.

Resolution


Add .ico value to the Web Agent "ignoreext" ACO Parameter to solve
this issue;

The value will be like :

ignoreext='.class,.gif,.jpg,.jpeg,.png,.fcc,.scc,.sfcc,.ccc,.ntc,.css,.ico'.
Powered by Wolken Software