Error: Unable to resolve agentname from appid in SPS

book

Article ID: 242736

calendar_today

Updated On:

Products

SITEMINDER CA Single Sign On Secure Proxy Server (SiteMinder)

Issue/Introduction

 

When running CA Access Gateway (SPS), after configuring Authentication and Authorization WebServices, then once the browser tries to log in by this service, the CA Access Gateway (SPS) reports an error:    

    [05/30/2022][08:46:11][9140][14164][00000000000000000000000001000000-23b4-62946833-3754-00dd442b]
    [CSmHttpPlugin::ProcessServiceResource]
    [Unable to resolve agentname from appid 'mytestauthenticationazserver.mydomain.com', exiting with SmFailure.]

 

Cause

The request in SoapUI asks for the appId "mytestauthenticationazserver.mydomain.com"

SOAP Request:

http://myauthazservice.mydomain.com:80/authazws/auth

  <s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope"
      xmlns:aut="http://www.ca.com/siteminder/authaz/2010/04/15/authaz.xsd">
    <s:Header/>
    <s:Body>
   <aut:login>
 <identityContext>
  <userName>jsmith</userName>
  <password>password</password>
</identityContext>
 <appId>mytestauthenticationazserver.mydomain.com</appId>
<resource>/myResource/myApp</resource>
<action>GET</action>
   </aut:login>   
    </s:Body>
  </s:Envelope>

and the ACO is configured with appId myauthazservice.mydomain.com agwstest:

WebAgent.log:

  [9140/5364][Fri May 27 2022 18:11:10] File Version: 12.8.0500.2546
  [9140/5364][Fri May 27 2022 18:11:10] agentname=myAgent,myauthazservice.mydomain.com
  [9140/5364][Fri May 27 2022 18:11:10] agentname=myAgent,myauthazservice
  [9140/5364][Fri May 27 2022 18:11:10] enableauth=yes
  [9140/5364][Fri May 27 2022 18:11:10] enableaz=yes
  [9140/5364][Fri May 27 2022 18:11:10] requireagentenforcement=yes

 

Environment

 

  CA Access Gateway (SPS) 12.8SP5 on Windows;

 

Resolution

 

Send the request with appId "myauthazservice.mydomain.com" as:

    <s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope"
xmlns:aut="http://www.ca.com/siteminder/authaz/2010/04/15/authaz.xsd">
      <s:Header/>
      <s:Body>
<aut:login>
  <identityContext>
    <userName>jsmith</userName>
    <password>password</password>
  </identityContext>
  <appId>myauthazservice.mydomain.com</appId>
  <resource>/myResource/myApp</resource>
  <action>GET</action>
</aut:login>  
      </s:Body>
    </s:Envelope>
 

to solve the issue.