Unable to modify Application in Siteminder Admin UI, with error Failed to execute ModifyApplicationEvent of Duplicate value for CA.SM::Policy

book

Article ID: 225127

calendar_today

Updated On:

Products

SITEMINDER CA Single Sign On Agents (SiteMinder) CA Single Sign-On

Issue/Introduction

Customer can not Modify an Application (NOT Domains->Domain) in siteminder admin UI.

After initial creating the application, user gets the following error message when modifying the application policy and click on submit:

Failed to execute ModifyApplicationEvent. ERROR MESSAGE: SmApiWrappedException:CA.SM::[email protected](Authorized Users): Duplicate value for CA.SM::Policy.Name="Authorized Users": CA.SM::[email protected](Authorized Users),CA.SM::[email protected](Authorized Users).

User role can not be linked to application policy.

This issue appears to be same issue mentioned in this link:

https://community.broadcom.com/enterprisesoftware/communities/community-home/digestviewer/viewthread?GroupId=2197&MessageKey=629bd3c2-bd3d-4c36-a007-f934b760bea7&CommunityKey=f9d65308-ca9b-48b7-915c-7e9cb8fc3295&tab=digestviewer

Cause

This is a defect with 12.8sp4 and 12.8sp5 admin ui.

During application creation, if user submits everything on a whole with ONE submission, the application will be created correctly, and the role is linked to policy.

However, if user submits application, policy and role by stages with multiple submission, this is where error occurs.

The role can not be linked to the policy, the application object is corrupted.

There could be ways to manually link the role to the specific policy via XPSExplorer, but it is not desired.

 

Environment

Release : 12.8.05

Component : SITEMINDER WAM UI

Resolution

This issue is fixed on 12.8 SP06.

12.8 SP06 Release note:
https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/siteminder/12-8/release-notes/service-packs/defects-fixed-in-12-8-06.html

R12.8 SP06 [#2649] download
https://support.broadcom.com/download-center/solution-detail.html?aparNo=99111236&os=MULTI-PLATFORM

If a Role is deleted recently, while creating new Role, please give a different Role name, instead of giving the same old Role name again.

Otherwise this could potentially result in "Duplicate value" error in admin UI too.  Fix won't be available until 12.8 SP07.

Attachments