Traffic not flowing in Risk Authentication ( Riskfort)logs - After Patch & Server Reboot

book

Article ID: 227433

calendar_today

Updated On:

Products

CA Risk Authentication

Issue/Introduction

Since last 3-4 times we have observed, after patching/reboot.. Riskauth instances gets initialized fine but no requests gets served by it. 

In earlier cases, multiple restarts lead to resolution of an issue. Today, similar issue encountered in Production but restarts not helping it out.

Environment

Release : 9.1

Component : AuthMinder(Arcot WebFort)

RiskMinder(Arcot RiskFort)

Resolution

If there are multiple Risk servers behind a load balancer then we have to isolate the issue if that is related to Risk server or a Load Balancer issue and below are some of the ways it can be done.

  • Test the risk server with Risk sample application directly to check if the Risk server is processing the requests fine and if it does then something on Load balancer is not forwarding the requests to Risk server and that need to be checked with that team.
  • Test the Risk server using SoapUI directly to check if the Risk server is processing the requests fine and if it does then something on Load balancer is not forwarding the requests to Risk server and that need to be checked with that team. Below is a sample Risk evaluation request which can be used for this test. The request should be send on port 7778. In the below example replace Orgname and Username.

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsdl="http://ws.arcot.com/RiskFortEvaluateRiskAPI/3.0/wsdl">
   <soapenv:Header/>
   <soapenv:Body>
      <wsdl:EvaluateRiskRequest>
         <wsdl:deviceContext>
            <wsdl:deviceSignature>{"VERSION": "2.1.2", "MFP": {"Browser": {"UserAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:68.0) Gecko/20100101 Firefox/68.0", "Vendor": "", "VendorSubID": "", "BuildID": "20181001000000", "CookieEnabled": true}, "IEPlugins": {}, "NetscapePlugins": {}, "Screen": {"FullHeight": 1080, "AvlHeight": 1040, "FullWidth": 1920, "AvlWidth": 1920, "ColorDepth": 24, "PixelDepth": 24}, "System": {"Platform": "Win32", "OSCPU": "Windows NT 10.0; Win64; x64", "systemLanguage": "en-US", "Timezone": 180}}, "ExternalIP": "10.36.64.13", "MESC": {"mesc": "mi=2;cd=150;id=30;mesc=335538;mesc=351502"}}</wsdl:deviceSignature>
            <wsdl:deviceIDs>
               <wsdl:deviceIDItem>
                  <wsdl:deviceIDType>HTTP_COOKIE</wsdl:deviceIDType>
                  <wsdl:deviceIDValue>QYixg1pv7VmxPOaRCpXHNAkuGm6l7IeEoD/O3zJPC+5VKuyKvuoK05zSr2IGUHbd</wsdl:deviceIDValue>
               </wsdl:deviceIDItem>
            </wsdl:deviceIDs>
         </wsdl:deviceContext>
         <wsdl:locationContext>
            <wsdl:clientIPAddress>10.230.9.216</wsdl:clientIPAddress>
         </wsdl:locationContext>
         <wsdl:userContext>
            <wsdl:orgName>DEFAULTORG</wsdl:orgName>
            <wsdl:userName>TESTUSER1</wsdl:userName>
         </wsdl:userContext>
      </wsdl:EvaluateRiskRequest>
   </soapenv:Body>
</soapenv:Envelope>

  • You can also use Rest API and to do that you need to update the restapi.properties and specify the single hostname and this change will need the Application server restart.

Once you validate the Risk server is taking requests and processing it fine then you can engage with the Load Balancer team and ask them to look into why the requests are not flowing to that server.