Found Apache with CA SSO error in Openshift container - Continued

Article Id: 197442
Status: Published
Updated On: 17-08-2020 07:06
Products:
CA Single Sign On Secure Proxy Server (SiteMinder) , CA Single Sign On Agents (SiteMinder) , CA Single Sign On Federation (SiteMinder) , CA Single Sign On SOA Security Manager (SiteMinder) , SITEMINDER
Issue/Introduction:

 

We're starting Web Agent on Apache in an OpenShift Container and then Web
Server reports error :

  [Error] SiteMinder Agent

        Failed to initialize the configuration manager.
        LLAWP unable to get configuration, exiting.
        nm: '/etc/httpd/bin/httpd': No such file

We register the instance like this :

  sh-4.2$ /etc/httpd/CA/webagent/bin/smreghost -i webagent:11444 -hn mywebagent -hc mywebagent -f /etc/httpd/CA/webagent/config/SmHost.conf -sh {RC2}sadasDSAdsAdsaddsadFsdtSfQWdXasdASREqwEDasdaS11
  Host Registration written to '/etc/httpd/siteminderwa/webagent/config/SmHost.conf'.

And we start the instance like this :

sh-4.2$ /usr/sbin/httpd -D FOREGROUND

The LLAWP may not be running as the proper user.

  [27/Jul/2020:10:16:54] [Info] [CA WebAgent LLAWP] [236] [LLAWP Monitor: LLAWP has been started.]

  [27/Jul/2020:10:16:54] [Error] SiteMinder Agent
   Unable to load SiteMinder host configuration object or host configuration file.
   /etc/httpd/siteminderwa/webagent/config/SmHost.conf
   06 00 00 00

  [27/Jul/2020:10:16:54] [Error] SiteMinder Agent
   Failed to initialize the configuration manager.
   LLAWP unable to get configuration, exiting.
  nm: '/etc/httpd/bin/httpd': No such file

The Web Agent doesn't start. 

How can we solve this ?

 

Environment:

 

  Web Agent 12.52SP1 on Apache 2.4.6 on RedHat;

 

Resolution:

 

As documentation states, you need to generate the shared secret by the
sample code given in the documentation, prior to run the smreghost
command with -sh option.

  Register the Web Agent

    Register the application For each application, create a trusted host
    using Java Agent API SDK. Using this method you can create a new
    trusted host and obtain its generated shared secret in an unencrypted
    string format.

  https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-identity-and-access-management/single-sign-on/12-8/configuring/policy-server-configuration/agents-and-agent-groups/use-web-agent-in-dynamically-scaled-environments.html

Now, when you try to run the sample SDK script to register the
application, then you get the error :

  The import com.ca.siteminder.sdk.agentapi.Util cannot be resolved
  Main.java

This is a known issue fixed in the SDK 12.8SP2 :

SDK

  01184735, 01212552 DE383871 smagentapi.jar from SDK does not include
  the com.ca.siteminder.sdk.agentapi.Util

https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-identity-and-access-management/single-sign-on/12-8/release-notes/service-packs/defects-fixed-in-12-8-02.html

So to fix the issue, upgrade the SDK to the latest version 12.8SP4.