Error : affwebserv.log missing component library and FWSTrace.log not printing lines
search cancel

Error : affwebserv.log missing component library and FWSTrace.log not printing lines

book

Article ID: 218543

calendar_today

Updated On:

Products

CA Single Sign On Agents (SiteMinder) CA Single Sign On Federation (SiteMinder) CA Single Sign On Secure Proxy Server (SiteMinder) SITEMINDER

Issue/Introduction

 

When running a Web Agent Option Pack (WAOP), this one produces no line
in the FWSTrace.log and shows only the header in the file :

FWSTrace.log :

  [Date][Time][Pid][Tid][TransactionID][SrcFile][Function][Message]
  [====][====][===][===][=============][=======][========][=======]

The affwebserv.log shows error "missing component library" on each
line :

affwebserv.log

  [31389/4233066240][Fri May 28 2021 09:34:40][AuthnRequest.java]
  [INFO][sm-log-00001] missing component library (AuthnRequest)

  [31389/4232013568][Fri May 28 2021 09:39:25][AssertionConsumer.java]
  [INFO][sm-log-00001] missing component library (AssertionConsumer)

  [31389/4232013568][Fri May 28 2021 09:39:25][AssertionConsumer.java]
  [INFO][sm-log-00001] missing component library (AssertionConsumer)

 

Environment

 

  Web Agent Option Pack 12.52SP1CR10 on Tomcat 8.5.60 on RedHat 7;
   Oracle JDK 1.8_0.275 
  Web Agent 12.52SP1CR10 on Apache 2.4.43 on RedHat 7;

 

Cause

 

The "missing component library" error is due to the fact that the Web
Agent Option Pack doesn't get access to the FedClient_en.properties
file it needs. This file is in the "resource/" folder of the Web Agent
Option Pack installation. The tricky thing is that Web Agent Option
Pack and Web Agent are installed in different folders in this custom
installation. The Out of the Box installation, they would be installed
in the same as per what documentation states (1)(2).

Note that this issue might also be caused by :

  - Tomcat and Web Agent Option Pack uses both different JVM versions;
  - Web Agent and Web Agent Option Pack aren't the same exact version;

Resolution

 

Manually setting the different environment variables for the Web Agent
Option Pack solved the issue :

    # export JAVA_HOME=/opt/java
    # export CATALINA_HOME=/opt/Tomcat
    # export CATALINA_BASE=/opt/myapps
    # export CAPKIHOME=/opt/CA/webagent_optionpack/CAPKI
    # export NETE_WA_ROOT=/opt/CA/webagent_optionpack
    # export NETE_WA_CLASSPATH=/opt/CA/webagent/java/smconapi.jar
    # export NETE_WA_PATH=/opt/CA/webagent_optionpack/bin:/opt/CA/webagent_optionpack/bin/thirdparty:/opt/java/jre/bin
    # export NETE_WA_OPACK=INSTALLED
    # export LD_LIBRARY_PATH=/opt/CA/webagent_optionpack/bin:/opt/CA/webagent_optionpack/bin/thirdparty
    # export PATH=/opt/CA/webagent_optionpack/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/sbin:/usr/sbin
    # cd /opt/Tomcat/bin
    # ./startup.sh 

You should also note :

  - As security application, we highly recommend you to :

    - Run the Web Agent Option Pack on an isolated Tomcat instance;
    - Compile the Web Agent Option Pack with the same JDK installation
      that the Tomcat Server uses;
    - Set the Web Agent Option Pack Environment Variables with the
      same JDK installation that the Tomcat Server uses;
    - Insure Web Agent and Web Agent Option Pack are running the exact
      same version;
    - Insure Web Agent and Web Agent Option Pack are installed in the
      same folder (in your environment web agent option pack should be
      installed in webagent/ folder) to avoid unexpected behavior;

Additional Information

 

(1)

    Run the Web Agent Option Pack Installer

      The Web Agent Option Pack can be installed as a stand-alone
      product. The installer attempts to find an installed Web Agent, but
      if it cannot, it prompts you to continue or cancel.

    https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/siteminder/12-52-01/installing/install-agents/web-agent-option-pack/install-the-web-agent-option-pack.html

(2)

    (UNIX) Source the Environment Script on a UNIX Operating Environments

      The path to the Web Agent Option Pack environment script points to
      one of the following locations:

      The installation directory of the web agent option pack. The default
      location is: /webagent_option_pack_home/bin.

      The installation directory of the web agent.

      If you install the option pack on the same system as the web agent,
      the script resides in the web agent directory. For any UNIX
      installation, the default location is /web_agent_home/bin.

    https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/siteminder/12-52-01/installing/install-agents/web-agent-option-pack/deploy-federation-web-services/set-up-jboss-or-tomcat-to-work-with-federation-web-services.html

 

Powered by Wolken Software