Communication failure between SiteMinder policy server and web agent

book

Article ID: 108132

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction



We are seeing instances in the web agent trace log of messages like:

[04/25/2018][14:09:29.310][24624][9836][000000000000000000000000132d2899-6030-5ae0c459-266c-010e7ce3][IsResourceProtected][Communication failure between SiteMinder policy server and web agent.]

But we are not getting reports of problems from users.

Environment

OS: Any supported OS
Agent version: Any supported agent.

Resolution

Check if there is any network interruption causing this.

Check if the Policy Server is shutdown or restarted.

If the WebAgent's SmHost.conf and HCO is pointing to a single Policy Server then you would be experiencing an outage at this point.

If there are multiple Policy Servers defined then users may not see any error as Loadbalance/Failover takes care of agent requests. However you will find these errors in the log during failover.

Check if all custom authentications are loading properly. (When there is a request for custom authentication and if it does not load properly then you can get this error as well)

 

If it is not the above, it can be due to a bad request.

In case if someone is forging a request passing invalid query parameters(such as agentname) to the login.fcc, so when the agent sends this data to the policy server, the policy server may find this request to be invalid and results in this error being logged.