Running Policy Server, the smps.log reports the error:
[XPSSecurity.cpp:653][ValidateAdmin][ERROR][sm-xpsxps-04390] Unable to establish administration context.
Custom SDK Java code has been recompiled with the Policy Server JVM and the SDK same version as per Policy Server.
Policy Server 12.8SP8 on RedHat 7;
JDK 1.8_192;
The Policy Server reports the error in a SAML transaction, which ends with the user being authenticated, and SAMLResponse being sent.
smtracedefault.log:
[10/23/2024][15:36:22.386][15:36:22][][][SmAuthServer.cpp:364][][][][][][][][][][][][][][][][][][][][][][LogMessage:INFO:[sm-Server-02760] Initialized authentication scheme <saml-auth-scheme>][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][SMTRACELOG][][][][][]
[10/23/2024][15:36:25.307][15:36:25][][][SmAuthAdminUser.cpp:167][CSmAuthAdminUser::Authenticate][][][][][][][][][][][][][][][][][][][][][Authentication succeeded.][][][][][0][][Sm_AuthApi_Accept][][][][][][][][][][][][][][][][][][][][][][][][][][][SMTRACELOG][][][][][]
[10/23/2024][15:36:25.308][15:36:25][][][XPSSecurity.cpp:653][ValidateAdmin][][][][][][][][][][][][][][][][][][][][][LogMessage:ERROR: Unable to establish administration context.][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][SMTRACELOG][][][][][]
[10/23/2024][15:36:25.312][15:36:25][][][SmAuthUser.cpp:5869][CSmAuthUser::Authenticate][][][][][][][][][][][][][][][][][][][][LDAP://ldap.example.com:636/uid=<username>,ou=People,o=example][Authenticating user by the auth scheme][<saml-auth-scheme>][][][][][][][][][][][][][][uid=<username>,ou=People,o=example][][][][][][][][][][][][][][][][][][][SMTRACELOG][][][][][]
[10/23/2024][15:36:25.323][15:36:25][][][Sm_Auth_Message.cpp:5439][CSm_Auth_Message::SendReply][s11871/r365][<saml-auth-scheme>][][][][<saml-auth-scheme>][<saml-auth-scheme>][][][][][][][][][][][][][][** Status: Authenticated. ][<saml-auth-scheme>][][][][][][idletime=3600;maxtime=7200;authlevel=5][][][][][][][][uid=<username>,ou=People,o=example][][][][][][][][][][][][][][][][][][][SMTRACELOG][][][][][]
From the smtracedefault.log, after the error shows up, no further error is seen, and the Policy Server marks the transaction as success:
Status: Authenticated
During SAML authentication, Policy Server uses the authentication information obtained from SecurityContext to log in to XPS (eXtensible Policy Store), but if the SecurityContext is retrieved and it does not exist, the above error will be output.
However, if no other error messages are output at the same time and the above message is the only one, the SecurityContext itself will be retrieved in subsequent processing, and the SAML authentication process works normally.
Therefore, if no other error messages are output at the same time, no action is required and the message can be safely ignored.