Found Apache with CA SSO error in Openshift container

Products

CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On Agents (SiteMinder) CA Single Sign On Federation (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) SITEMINDER

Issue/Introduction

We're starting Web Agent on Apache in an OpenShift Container and then Web
Server reports error :

  [Error] SiteMinder Agent

        Failed to initialize the configuration manager.
        LLAWP unable to get configuration, exiting.
        nm: '/etc/httpd/bin/httpd': No such file

We register the instance like this :

  sh-4.2$ /etc/httpd/CA/webagent/bin/smreghost -i webagent:11444 -hn mywebagent -hc mywebagent -f /etc/httpd/CA/webagent/config/SmHost.conf -sh {RC2}sadasDSAdsAdsaddsadFsdtSfQWdXasdASREqwEDasdaS11
  Host Registration written to '/etc/httpd/siteminderwa/webagent/config/SmHost.conf'.

And we start the instance like this :

sh-4.2$ /usr/sbin/httpd -D FOREGROUND

The LLAWP may not be running as the proper user.

  [27/Jul/2020:10:16:54] [Info] [CA WebAgent LLAWP] [236] [LLAWP Monitor: LLAWP has been started.]

  [27/Jul/2020:10:16:54] [Error] SiteMinder Agent
   Unable to load SiteMinder host configuration object or host configuration file.
   /etc/httpd/siteminderwa/webagent/config/SmHost.conf
   06 00 00 00

  [27/Jul/2020:10:16:54] [Error] SiteMinder Agent
   Failed to initialize the configuration manager.
   LLAWP unable to get configuration, exiting.
  nm: '/etc/httpd/bin/httpd': No such file

The Web Agent doesn't start.

How can we solve this ?

Environment

Web Agent 12.52SP1 on Apache 2.4.6 on RedHat;

Resolution

As documentation states, you need to generate the shared secret by the
sample code given in the documentation, prior to run the smreghost
command with -sh option.

  Register the Web Agent

    Register the application For each application, create a trusted host
    using Java Agent API SDK. Using this method you can create a new
    trusted host and obtain its generated shared secret in an unencrypted
    string format.

  https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-identity-and-access-management/single-sign-on/12-8/configuring/policy-server-configuration/agents-and-agent-groups/use-web-agent-in-dynamically-scaled-environments.html

Now, when you try to run the sample SDK script to register the
application, then you get the error :

  The import com.ca.siteminder.sdk.agentapi.Util cannot be resolved
  Main.java

This is a known issue fixed in the SDK 12.8SP2 :

SDK

  01184735, 01212552 DE383871 smagentapi.jar from SDK does not include
  the com.ca.siteminder.sdk.agentapi.Util

https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-identity-and-access-management/single-sign-on/12-8/release-notes/service-packs/defects-fixed-in-12-8-02.html

So to fix the issue, upgrade the SDK to the latest version 12.8SP4.