ASA Agent Configuration error "The SMSESSION cookie is malformed, the session spec field is missing".

book

Article ID: 38318

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) AXIOMATICS POLICY SERVER CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction

Problem :

---------------

We are getting this error message while using (Identity Assertor -IA) for ASA Agent for WebLogic.

[16 Feb 2016 14:07:26,120] [[ACTIVE] ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'] [DEBUG] The SMSESSION cookie is malformed, the session spec field is missing.

On the Policy Server trace log, we see

[02/16/2016][14:07:26.563][14:07:26][32509][3946425232][Sm_Auth_Message.cpp:4629][CSm_Auth_Message::SendReply][s126859/r223][*******************wl-ia-agent][][09001895][][Weblogic-Identity-Asserter-Validation][ASA-IA-TAI][IDX][][][][][][][][][][][][][** Status: Validated.]

 Environment:-

----------------------------------

Policy Server R12.52 SP1 CR01

Red Hat linux 6.x

ASA agent R12SP2CR01

 

Resolution:

---------------------

On the Agent configuration Object used for IA for WebLogic

 add this parameter "AcceptTpCookie=Yes" as per the ASA agent for WebLogic Guide R12.Sp2 Page 63. 

The following is the description which explains what this parameter does, 

Configures the SiteMinder IA to assert identities from third-party SiteMinder session cookies generated using the SiteMinder SDK. For details, see "Enabling Single Sign-On" in the Agent API chapter of: 

-/ CA SiteMinder Programming Guide for C 

-/ CA SiteMinder Programming Guide for Java 

Default is NO. 

Note: If you configure the SiteMinder IA to accept third-party SiteMinder session cookies, also configure the SiteMinder Login Module to accept them so that it can assert WebLogic propagation tokens in situations when WebLogic must reestablish Subjects created by the SiteMinder IA.

Environment

Release: ESPSTM99000-12.51-Single Sign On-Extended Support Plus
Component: