Error: Permission denied on Web Agent webappclientresponse Ajax calls
search cancel

Error: Permission denied on Web Agent webappclientresponse Ajax calls

book

Article ID: 229675

calendar_today

Updated On:

Products

CA Single Sign On Agents (SiteMinder) SITEMINDER

Issue/Introduction

 

When running a Web Agent and protecting a resource using the ACO parameter WebAppClientResponse, the browser gets an error:

_host._domain._com says
Unable to connect to Server.

Cause

 

The Web Agent can't deliver the content holding the response, because the Web Agent hasn't permission to read and execute it.

As per documentation, the Body file from the WebAppClientResponse should have the direction the request should proceed (1).

webagent.log

[29985/501548800][Fri Nov 19 2021 10:40:32] cookieprovider='https://_host1._domain._com/SmMakeCookie.ccc'.
  
[29985/501548800][Fri Nov 19 2021 10:40:32] overlooksessionaspattern='yes'.
  
[29985/501548800][Fri Nov 19 2021 10:40:32] overlooksessionforurls='/myapp/mypage/'.
  
[29985/501548800][Fri Nov 19 2021 10:40:32] webappclientresponse='Resource=/myapp/my.*|Method=GET,POST,PUT|Status=200|Body=/opt/CA/webagent/samples/ajax/ajax.html|Content-Type=application/json|Charset=us-ascii'.

[...]

[30437/1921849088][Tue Nov 23 2021 10:32:33][CSmHttpPlugin.cpp:2332][WARNING][sm-HTTPAgent-00190] Unable to process SMSESSION cookie.
  
[30437/1921849088][Tue Nov 23 2021 10:32:33][CSmWeb20CacheObj.cpp:238][ERROR][sm-HTTPAgent-00370] Error opening form template '/opt/CA/webagent/samples/ajax/ajax.html': Permission denied.

webagenttrace.log

[11/23/2021][10:32:33][30437][1921849088][CSmHttpCredCore.cpp:1997][CSmHttpCredCore::DoFormsChallenge][00000000000000000000000079100d0a-76e5-619cc341-728d1700-3db058a3c8cd][*10.0.0.1][][myAgent][/myapp/my.myapplication.01][][Redirecting to credential collector 'https://_host1._domain._com/siteminderagent/login.fcc?CHECKPASSWORD=ON&TYPE=33554432&REALMOID=06-0005c689-312d-1ea8-b4c7-4a120a320000&GUID=&SMAUTHREASON=0&METHOD=POST&SMAGENTNAME=$SM$VGvDwGiX8cQ485s22ddwfg5as45T0bZnLfeUeLRGZgyfeNN2y2m%2bBWB3CnIcmy&TARGET=$SM$HTTPS%3A%2F%2F_host1._domain._com%2Fmyapp%2Fmy.myapplication.01'.]
  
[11/23/2021][10:32:33][30437][1921849088][CSmWeb20Cache.cpp:210][CSmWeb20Cache::GetForm][][][][][][][Form template '/opt/CA/webagent/samples/ajax/ajax.html' not found in cache.]
  
[11/23/2021][10:32:33][30437][1921849088][CSmWeb20CacheObj.cpp:236][CSmWeb20CacheObj::LoadFormTemplate][][][][][][][Permission denied]
  
[11/23/2021][10:32:33][30437][1921849088][CSmWeb20Cache.cpp:284][CSmWeb20Cache::GetForm][][][][][][][Unable to serve form template '/opt/CA/webagent/samples/ajax/ajax.html' from disk.]
  
[11/23/2021][10:32:33][30437][1921849088][CSmWeb20Response.cpp:108][HandleCustomizedResponsRequest][00000000000000000000000079100d0a-76e5-619cc341-728d1700-3db058a3c8cd][*10.0.0.1][][myAgent][/myapp/my.myapplication.01][][Sending WEB 2.0 custom response (Url '' and Reason 'Challenge')]

Resolution

 

Make the file

/opt/CA/webagent/samples/ajax/ajax.html

fully accessible for the account running Apache and Web Agent to solve this issue.

 

Additional Information

 

(1)

     Apply SiteMinder Behavior to a Web Application Client
     

Powered by Wolken Software