FCCForcelsProtected doesn't work !

book

Article ID: 7369

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) AXIOMATICS POLICY SERVER CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction

I'm running a Web Agent, if I set the ACO parameter FCCForceIsProtected to yes, I see no change in the amount of calls done to the Policy Server.

 

From the Documentation :

FCCForceIsProtected

Specifies whether the Web Agent makes an additional IsProtected call to the Policy Server to establish a realm context so that the Web Agent can log a user in to access a protected resource.

When this parameter is set to no, the Web Agent uses the realm information obtained from its initial IsProtected call to the Policy Server instead.

Default: Yes

 

Cause

There's a known issue in Policy Server 12.52SP1CR02 for which this parameter has out of the box typo. The default ACO Apachedefaultsettings' and 

'AuthAzServiceDefaultSettings' are showing the following wrong syntax : 

 

FCCForcelsProtected (Note the "L" lower case in the middle of the Parameter)

 

That should be replaced by the 

 

FCCForceIsProtected (Note the "i" upper case in the middle of the Parameter)

 

note that in the first there's a lower case "L" instead of capital "i". 

 

Environment

Release:
Component: SMAPC

Resolution

Modify manually the parameter to put FCCForceIsProtected instead of FCCForcelsProtected (change "l" ("L" lower case as LDAP) for "I" upper case "i" as Info)

Additional Information

Further info : Tune the Performance of the FCC