The backend Web Server gives the unauthorized response instead of the Web Agent Reverse Proxy

book

Article ID: 4651

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) AXIOMATICS POLICY SERVER CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction

Running WebAgent, protecting backend server resource,
the browser access directly the resource, the
Web Agent doesn't seem to catch the request. I get the 401
error from the backend server instead of the Web Agent Apache
server 403 Forbidden.

Cause

The fact that the Reverse Proxy module executes the request and
serves the response before the Web Agent is seemly
the Web Agent module isn't loaded first in the list, but problably
at the very end :

httpd.conf :

  ServerRoot /root/sandbox/apache2.4
  include conf/*.conf
  ProxyPreserveHost On
  LoadModule sm_module "/opt/CA/webagent/bin/libmod_sm22.so"
  SmInitFile "$/opt/CA/webagent/conf/WebAgent.conf"

From out of the box installation and configuration, the installer puts the load module
instructions for the Web Agent at the first place in the httpd.conf file.

Environment

Web Agent 12.52SP1CR02 64bit on Apache 2.2.31 64bit on SLES 11 SP3 64bit;

Resolution

Make the Web Agent module to be the first
loaded module in your configuration like :

  ServerRoot /root/sandbox/apache2.4
  LoadModule sm_module "/opt/CA/webagent/bin/libmod_sm22.so"
  SmInitFile "$/opt/CA/webagent/conf/WebAgent.conf"
  include conf/*.conf
  ProxyPreserveHost On

to solve the issue

Additional Information

N/A