I run Federation Services from the Web Agent Option Pack, and when I go to
the IDP page to authenticate, I'm refused access with a 403 code, and
the logs show me that the Policy Server doesn't find the Service
Provider, with the following lines:
[03/15/2013][10:27:33][18531][25][25e2e066-bb7a852c-efffa0ee-1fc8c222-b366106e-c9]
[FWSBase.java][doRequestLog][Requesting Host: 10.134.177.249 Requesting Host IP:
10.134.177.249 Request protocol: HTTP/1.1 Request was secure: false
Authentication type: null]
[03/15/2013][10:27:33][18531][25][25e2e066-bb7a852c-efffa0ee-1fc8c222-b366106e-c9]
[SSO.java][doGet][Query String: SPID=%C3%A2me]
[03/15/2013][10:27:33][18531][25][25e2e066-bb7a852c-efffa0ee-1fc8c222-b366106e-c9]
[SAMLTunnelClient.java][getServiceProviderInfoByID][Tunnel result code: 1.]
[03/15/2013][10:27:33][18531][25][25e2e066-bb7a852c-efffa0ee-1fc8c222-b366106e-c9]
[SAMLTunnelClient.java][getServiceProviderInfoByID][SAMLTunnelStatus: 5, Failed
to obtain Service Provider data by provider ID. Provider ID: âme]
[03/15/2013][10:27:33][18531][25][25e2e066-bb7a852c-efffa0ee-1fc8c222-b366106e-c9]
[SAML2Base.java][getServiceProviderInfo][Could not find service provider
information for sp: âme Message: Failed to obtain Service Provider data by
provider ID. Provider ID: âme.]
[03/15/2013][10:27:33][18531][25][25e2e066-bb7a852c-efffa0ee-1fc8c222-b366106e-c9]
[SAML2Base.java][getServiceProviderInfo][Could not find service provider
information for idp: âme.]
[03/15/2013][10:27:33][18531][25][25e2e066-bb7a852c-efffa0ee-1fc8c222-b366106e-c9]
[SSO.java][processRequest][Transaction with ID:
25e2e066-bb7a852c-efffa0ee-1fc8c222-b366106e-c9 failed.
Reason: NO_PROVIDER_INFO_FOUND]
[03/15/2013][10:27:33][18531][25][25e2e066-bb7a852c-efffa0ee-1fc8c222-b366106e-c9]
[SSO.java][processRequest][No SAML2 provider information found for SP âme.]
[03/15/2013][10:27:33][18531][25][25e2e066-bb7a852c-efffa0ee-1fc8c222-b366106e-c9]
[SSO.java][processRequest][Ending SAML2 Single Sign-On Service request
processing with HTTP error 400]
[03/15/2013][10:27:33][18531][25][25e2e066-bb7a852c-efffa0ee-1fc8c222-b366106e-c9]
[ErrorRedirectionHandler.java][redirectToErrorPage][Sending HTTP Error 403 ]
I have already set Encoding="UTF-8" in the server.xml file of the Application Server.
How can I solve this?
The Service Provider ID contains an accented character ("âme"), which causes the issue.
For the Tomcat Application Server hosting the Web Agent Option Pack, the
Connector elements must be configured to support UTF-8. This is
accomplished by setting URIEncoding="UTF-8".
Tomcat:
Set the URIEncoding attribute on the <Connector> element in server.xml
to something specific (e.g. URIEncoding="UTF-8").
https://wiki.apache.org/tomcat/FAQ/CharacterEncoding
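The following is an added example, not part of the original article or of the product: a small Python audit that pulls SPID values out of [SSO.java][doGet] trace lines and decodes each one both as UTF-8 and as ISO-8859-1, so provider IDs whose lookup depends on the connector's URIEncoding stand out. ISO-8859-1 as the charset applied when URIEncoding is not set is an assumption, and the sample log lines are constructed.

```python
import re
from urllib.parse import unquote_to_bytes

# Constructed sample modelled on the [SSO.java][doGet] trace line shown above.
SAMPLE_LOG = """\
[SSO.java][doGet][Query String: SPID=%C3%A2me]
[SSO.java][doGet][Query String: SPID=sp1.example.com]
[SSO.java][doGet][Query String: SPID=caf%E9&ProtocolBinding=x]
"""

QUERY_RE = re.compile(r"\[Query String: ([^\]]*)\]")


def decode_spid(raw):
    """Decode a percent-encoded SPID the two ways a connector might."""
    data = unquote_to_bytes(raw)
    latin1 = data.decode("iso-8859-1")   # assumed fallback; every byte maps
    try:
        utf8 = data.decode("utf-8")
    except UnicodeDecodeError:
        utf8 = None                       # client did not send valid UTF-8
    return latin1, utf8


def audit(log_text):
    """Return (raw, latin1, utf8, status) for every SPID found in the log."""
    findings = []
    for query in QUERY_RE.findall(log_text):
        for pair in query.split("&"):
            name, _, value = pair.partition("=")
            if name != "SPID":
                continue
            latin1, utf8 = decode_spid(value)
            if utf8 is None:
                status = "not-utf8"            # URIEncoding="UTF-8" will not fix it
            elif latin1 == utf8:
                status = "ascii-safe"          # same ID under either charset
            else:
                status = "charset-dependent"   # lookup needs URIEncoding="UTF-8"
            findings.append((value, latin1, utf8, status))
    return findings


if __name__ == "__main__":
    for raw, latin1, utf8, status in audit(SAMPLE_LOG):
        print(f"{status:18} raw={raw!r} iso-8859-1={latin1!r} utf-8={utf8!r}")
```

A "charset-dependent" result means the provider ID passed to the Policy Server differs depending on how the connector decodes the URI; "not-utf8" means the caller itself sent a non-UTF-8 value, so the link that generates the SPID needs fixing as well.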
Further reading:
https://geekflare.com/utf-8-configuration-in-websphere-weblogic-tomcat-tc-server-jboss/