Unable to get ArcotSM Adapter logs to work

Products

SITEMINDER CA Single Sign On Federation (SiteMinder)

Issue/Introduction

When Running Advanced Authentication Adaptor with Policy Server 12.8,
when configuring the logging of that component, logs aren't produced.

The adaptershim.ini is configured that way :

  1. Installed the libraries
     siteminder/lib/libArcotSiteMinderAdapter.so
     siteminder/lib/ArcotLog2FileSC.so

  2. Configured [arcot/integrations/smadapter/LogLibrary1]
     1. DLLName=ArcotLog2FileSC
     2. HandleLevel=1
     3. EntryPoint=CreateFileLogHandler
     4. ParamSupported=4
     5. Param1=LOG_FILE_NAME=/opt/CA/siteminder/logs/arcotadaptershim.log
     6. Param2=LOG_FILE_ROLLOVER_INTERVAL=DAILY

Environment

Policy Server 12.8SP3 on RedHat 6;
Advanced Authentication CA Adaptor 9.1;

Resolution

At first glance, as you've specified "ArcotLog2FileSC" for DLLName,
that means that you run the 32bit version of
ArcotSiteMinderAdapter (1). As Policy Server 12.8 is 64bit, you do need
64bit ArcotSiteMinderAdapter (2).

More, some configuration need also to be changed :

  1. In adaptershim.ini file change this parameter from value of 4 to
     3 :

     change

     ParamSupported=4

      to

     ParamSupported=3

  2. Comment out this line

     Param3=MAX_LOG_FILE_SIZE=

     to

     # Param3=MAX_LOG_FILE_SIZE=

  3. Set the 64bit dll name :

     DLLName=arlogger

  4. Restart the Policy Server;

Additional Information

(1)

   Setting up Log Parameters

     All Authentication Shim log messages, except trace messages, are
     written to the SiteMinder Policy Server log file (smps.log). All trace
     messages are logged in the files that are configured in SiteMinder
     Policy Server.

     All entries that are logged in the smps.log file are also logged in
     the Adapter log file (arcotadaptershim.log). However, the HandleLevel
     parameter determines the level of message details in the Adapter log
     file.

     | Parameter | Required/Optional | Description                      |
     |-----------+-------------------+----------------------------------|
     | DLLName   | Optional          | Specify the name of the library  |
     |           |                   | file that logs.                  |
     |           |                   |                                  |
     |           |                   | Note                             |
     |           |                   | Do not specify the               |
     |           |                   | suffix of the file name,         |
     |           |                   | because it is                    |
     |           |                   | automatically added              |
     |           |                   | during run time.                 |
     |           |                   |                                  |
     |           |                   | Default value: arlogger (64 bit) |
     |           |                   | ArcotLog2FileSC (32 bit)         |
     |           |                   |                                  |

   https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/advanced-authentication/9-1/installing/ca-adapter-installation/ca-adapter-configuration-files-and-options/authentication-shim-properties-file.html

(2)

   Need 64 bit version of ArcotSiteMinderAdapter - because of Siteminder server upgrade to 12.8
   https://knowledge.broadcom.com/external/article?articleId=109868