Problem activating partnership from ADFS Metadata import
search cancel

Problem activating partnership from ADFS Metadata import

book

Article ID: 5907

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction

After importing the Metada file from ADFS, we try to activate the partnership and we get the following error message :

 

server.log:

 

ERROR [com.ca.federation.adminui.backingbean.federation.PartnershipListBean]

(_host.example.com%2F10.0.0.1-8443-3) **ERROR** com.ca.fedxps.api.remote.FedXPSException during UI operation.

com.ca.fedxps.api.remote.FedXPSException: Activation of partnership failed



smps.log:

 

[IdPPartSvc.cpp:2220][createPropertySection][ERROR][sm-xobfed-00310] The failed to create backing object

[IdPPartSvc.cpp:2575][setActivated][ERROR][sm-xobfed-00490] setActivated failed.

[PartnershipService.cpp:2286][PartnershipService][ERROR][sm-xobfed-02330] PartnershipService failed. Operation: 3 

 

How can we solve this ?

Environment

Policy Server : 12.52 SP1 CR06Pstore : Oracle RDBMS

Cause

There is a limitation using RDBMS. When activating the partnership we use the following table smproperty5.PROPERTYVALUE VARCHAR2(4000).

Where there are too much assertion attributes, Policy Server can not insert the data in the table/column and so you cannot activate the partnership

 

Resolution

Remove manually all claims that will not be used by ADFS before importing the metadata.

 

Powered by Wolken Software