Error: Bad or missing context 'HTTPPLUGIN' in SPS
search cancel

Error: Bad or missing context 'HTTPPLUGIN' in SPS

book

Article ID: 271500

calendar_today

Updated On:

Products

CA Single Sign On Agents (SiteMinder) CA Single Sign On Federation (SiteMinder) CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) SITEMINDER

Issue/Introduction


After upgrading CA Access Gateway (SPS) to 12.8sp7, there's a problem with one of CA Access Gateway (SPS) embedded Agent.

User received error 500 on the favicon and during the Authentication.

agent log:

[13276/4624][Thu Aug 10 2023 08:59:27.236][CSmSAMLDataPlugin.cpp:179][ERROR][sm-SAMLAgent-00020] Bad or missing context 'HTTPPLUGIN'.
[13276/4624][Thu Aug 10 2023 08:59:27.236][CSmResourceManager.cpp:103][ERROR][sm-AgentFramework-00460] HLA: Analyzer from module 'SM_WAF_SAMLDATA_PLUGIN' returned unknown response code '-1' for component 'Resource Manager'.
[13276/4624][Thu Aug 10 2023 08:59:27.236][CSmResourceManager.cpp:151][WARNING][sm-AgentFramework-00480] HLA: Missing resource data.
[13276/4624][Thu Aug 10 2023 08:59:27.236][CSmHighLevelAgent.cpp:339][ERROR][sm-AgentFramework-00420] HLA: Component reported fatal error: 'Resource Manager'.
[13276/9148][Thu Aug 10 2023 08:59:27.330][CSmSAMLDataPlugin.cpp:179][ERROR][sm-SAMLAgent-00020] Bad or missing context 'HTTPPLUGIN'.
[13276/9148][Thu Aug 10 2023 08:59:27.330][CSmResourceManager.cpp:103][ERROR][sm-AgentFramework-00460] HLA: Analyzer from module 'SM_WAF_SAMLDATA_PLUGIN' returned unknown response code '-1' for component 'Resource Manager'.
[13276/9148][Thu Aug 10 2023 08:59:27.330][CSmResourceManager.cpp:151][WARNING][sm-AgentFramework-00480] HLA: Missing resource data.

agent trace log:

[08/10/2023][09:00:13][09:00:13.335][][][][CSmSAMLDataPlugin::ProcessResource][Retrieving pointer to HTTPPlugin]
[08/10/2023][09:00:13][09:00:13.335][][][][CSmResourceManager::ProcessResource][SM_WAF_SAMLDATA_PLUGIN->ProcessResource returned SmFailure.]
[08/10/2023][09:00:13][09:00:13.335][][][][CSmResourceManager::ProcessResource][Plugins did not collect required resource data.]
[08/10/2023][09:00:13][09:00:13.335][][][][ProcessRequest][ResourceManager returned SmNoAction or SmFailure, end new request.]

 

Environment


CA Access Gateway (SPS) 12.8SP7

 

Cause


Misconfiguration within webagent.conf, causes HttpPlugin.dll not loading properly. The root cause is not related to the upgraded version.

 

Resolution


There is a predefined order on how *.dll is loaded by the SPS Agent.

There is a misconfiguration within {SPS_Home}\secure-proxy\proxy-engine\conf\defaultagent\webagent.conf.

The documentation actually says "The SAMLDataPlugin.dll must appear after HttpPlugin.dll for the Web Agent to load without failures." (1).

Here is the default order list of dll within webagent.conf, customer may uncomment a line, but please keep the same order.

LoadPlugin="{SPS_Home}\secure-proxy\agentframework\bin\HttpPlugin.dll"
LoadPlugin="{SPS_Home}\secure-proxy\agentframework\bin\SPSPlugin.dll"
#LoadPlugin="{SPS_Home}\secure-proxy\agentframework\bin\SPPlugin.dll"
#LoadPlugin="{SPS_Home}\secure-proxy\agentframework\bin\DisambiguatePlugin.dll"
#LoadPlugin="{SPS_Home}\secure-proxy\agentframework\bin\OpenIDPlugin.dll"
#LoadPlugin="{SPS_Home}\secure-proxy\agentframework\bin\SessionLinkerPlugin.dll"
#LoadPlugin="{SPS_Home}\secure-proxy\agentframework\bin\SAMLDataPlugin.dll"
#LoadPlugin="{SPS_Home}\secure-proxy\agentframework\bin\CertSessionLinkerPlugin.dll"
 

Additional Information

 

  1. Pass Assertion Data as HTTP Headers to Relying Party Applications
    https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/siteminder/12-8/configuring/partnership-federation/application-integration-at-the-relying-party/pass-assertion-data-as-http-headers-to-relying-party-applications.html