Logins against gateway are failing when trying to access them through OIDC client

book

Article ID: 198861

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On Agents (SiteMinder) CA Single Sign On Federation (SiteMinder) SITEMINDER

Issue/Introduction

When using OIDC client, the call to validate the user redirects to gateway.n.xxxxxx.com and the authentication is failing at this level.
When we try to access gateway.n.xxxxxx.com directly, the logins are successful.
From the logs we noticed that SiteMinder is authenticating and allowing the users so we are not sure if this is an issue at SiteMinder level or gateway level.  We do see the following error in the smps.log:
[96071/140066835904256][Thu Sep 03 2020 21:39:42][AgentAuth.cpp:140][ERROR][sm-Server-00200] Unable to resolve agent name oidcp:xxxxxx-employees , request s16605/r417

Cause

The submitted agent name accidentally contained a trailing space.

Environment

Release : 12.8.03

Component : SITEMINDER -WEB AGENT FOR APACHE

Resolution

Removing the trailing space from the agent name resolved the problem.