Web Agent unable to decrypt query string created by custom SDK agent
search cancel

Web Agent unable to decrypt query string created by custom SDK agent

book

Article ID: 399198

calendar_today

Updated On:

Products

SITEMINDER CA Single Sign On Agents (SiteMinder) CA Single Sign On Federation (SiteMinder) CA Single Sign On Secure Proxy Server (SiteMinder)

Issue/Introduction

A custom agent is created using the SDK.  The custom agent is using SecureURLs=yes.  When the custom agent redirects the user to an out of the box agent for authentication, the out of the box agent throws the following error: 

Failed to Decrypt Query String

Environment

All

Cause

The  query string was properly URL-encoded, but the -SM- tag was not added to the beginning of the query string value.

Resolution

Custom agents must prepend the encrypted query string with -SM- after URL-encoding the string.  A proper request would look something like this:
https://host.example.com/siteminderagent/forms/login.fcc?SMQUERYDATA=-SM-kjN6HwPAXjPfMrY69uSFZk3wXdxy3snLstjvsqbFEcGdEvmKYGRSj1x%2fUigzF11...

Additional Information

If the web agents use LegacyEncoding=Yes, then use the $SM$ tag rather than the -SM- tag.

Powered by Wolken Software