Unable to determine user from SiteMinder token - Retrying with a newer version of the SMTOKEN
book
Article ID: 191745
calendar_today
Updated On:
Products
CA Identity ManagerCA Identity GovernanceCA Identity PortalCA Identity Suite
Issue/Introduction
We have a 3 node IDM (JBOSS) cluster. On one of the nodes we see the following warning in the server.log:
13:06:21,922 WARN [ims.ui] (http-/0.0.0.0:8080-1) orig SMTOKEN : -SM-{RC2}hzNP3CQGIDW0ncXyvZcemCBIQkKXSJS73zYAHh1Q1nHeI7TsMD+nBf+lDZchb1TR6T/Kp3aLvmvWyZo58Brr0g== 13:06:21,922 WARN [ims.ui] (http-/0.0.0.0:8080-1) Unable to determine user from SiteMinder token: No items found 13:06:21,922 WARN [ims.ui] (http-/0.0.0.0:8080-1) Retrying with a newer version of the SMTOKEN.
We are not sure why would see this on one of the nodes and no the other two (all are set to WARN or higher). We would like to us the newer version in the token.
The message is informational only as the IDM code automatically removes the unreadable "-SM-" prefix.
You can try setting LegacyEncoding to YES in the ACO and restart the webagent and then test whether authorization to IDM works. If it works you can leave the YES setting. if not, change it back to NO and continue to allow the IDM code fix to modify the -SM-.