Policy Server returns "AceCheck:Denied---aceRetVal = 1"

Article Id: 75000

Status: Published

Updated On: 10-04-2018 07:05

Products:

CA Single Sign On Secure Proxy Server (SiteMinder) , AXIOMATICS POLICY SERVER , CA Single Sign On SOA Security Manager (SiteMinder) , CA Single Sign-On , CA Single Sign-On

Issue/Introduction:

We're running Policy Server, when ACE authentication Scheme is in use, the
Policy Server doesn't communicate with the RSA Server and Policy
Server reports error :

[4708/4456][Wed Jan 24 2018 16:38:30][SmAuthAceHtml.cpp:1127]
[ERROR][sm-LoginLogout-01130] AceCheck:Denied---aceRetVal = 1

So the user cannot get authenticated. How can we resolve this ?

Environment:

Release: FEDMGP99000-12.52-Federation-Partnerships
Component:

Resolution:

The issue was with the node secret. On the RSA Server, we clicked
on "clear the node secret" check-box from RSA security console and then,
the Policy Server could authenticate the user successfully against the
RSA Server.