Web Agent set twice the SMSESSION in header trigger error : Entity Too Large
Article ID: 75007
Updated On:
Products
CA Single Sign On Secure Proxy Server (SiteMinder)
AXIOMATICS POLICY SERVER
CA Single Sign On SOA Security Manager (SiteMinder)
CA Single Sign-On
Issue/Introduction
We're running a Web Agent, this one set twice the SMSESSION in browser headers, which lead the request to fail because the header is too large :
From the backend server traces we see 2 SMSESSION cookies :
2017-09-14 09:37:23.554 [email protected]
00000000000000000000000043c812ac-4c4c-59ba31b3-587f0700-d5e062f9fdbb
MYDOMAIN TEST @[email protected] @[email protected]
[ajp-nio-9090-exec-9] DEBUG
HeaderForwardingInterceptor - Adding header Cookie
with value 'JSESSIONID=DD789B3879F57F983942BE055FB7738F;
SMSESSION=FncAupz6XMHAyvkLXtS0AlPNP6O9GXE1[...]
SMSESSION=7WA6OdWiFFWlFA0bls+fkQsSZnvLQvXA[...]
to backend call
2017-09-14 09:37:23.563 [email protected]
00000000000000000000000043c812ac-4c4c-59ba31b3-587f0700-d5e062f9fdbb
MYDOMAIN TEST @[email protected] @[email protected]
[ajp-nio-9090-exec-9] DEBUG DispatcherServlet - Could not complete request
HttpClientErrorException: 413 Request
Entity Too Large
How can we fix this ?
From the backend server traces we see 2 SMSESSION cookies :
2017-09-14 09:37:23.554 [email protected]
00000000000000000000000043c812ac-4c4c-59ba31b3-587f0700-d5e062f9fdbb
MYDOMAIN TEST @[email protected] @[email protected]
[ajp-nio-9090-exec-9] DEBUG
HeaderForwardingInterceptor - Adding header Cookie
with value 'JSESSIONID=DD789B3879F57F983942BE055FB7738F;
SMSESSION=FncAupz6XMHAyvkLXtS0AlPNP6O9GXE1[...]
SMSESSION=7WA6OdWiFFWlFA0bls+fkQsSZnvLQvXA[...]
to backend call
2017-09-14 09:37:23.563 [email protected]
00000000000000000000000043c812ac-4c4c-59ba31b3-587f0700-d5e062f9fdbb
MYDOMAIN TEST @[email protected] @[email protected]
[ajp-nio-9090-exec-9] DEBUG DispatcherServlet - Could not complete request
HttpClientErrorException: 413 Request
Entity Too Large
How can we fix this ?
Cause
When updating the SMSESSION cookie, the Agent wasn't deleting the current SMSESSION cookie, and as such, 2 SMSESSION cookies where set in the browser memory.
Environment
Web Agent R12.52 SP1 CR07 on Apache 2.4 64bits on RedHat 6 64bits.
Resolution
This issue will be fixed in Web Agent R12.52 SP1 CR09.
At date of March the 29th 2018, the fix will be provided in next Web Agent R12.52 SP1 CR09 which is expected by Q2 this year.
CA Single Sign-On Fix Strategy:
https://support.ca.com/phpdocs/7/5262/5262_fixstrategy.pdf
If before the CR09 is released you need to fix this issue, you can open a Support case to have a dev fix provided.
At date of March the 29th 2018, the fix will be provided in next Web Agent R12.52 SP1 CR09 which is expected by Q2 this year.
CA Single Sign-On Fix Strategy:
https://support.ca.com/phpdocs/7/5262/5262_fixstrategy.pdf
If before the CR09 is released you need to fix this issue, you can open a Support case to have a dev fix provided.
Feedback
Yes
No
Powered by
