• WebAgent upload size limit

    We are protection a web application by a CA Single Sign-On Web Agent 12.52 SP1 installed on MS IIS 7.5. This application must allow to upload files with huge size (> 50MB). Customer complains he can upload sma...
  • Restore SM_TLI_LOG_FILE to log TLI level transaction details (or mark as deprecated)

    score4
    Under review
    4 votes
    Summary  TLI log files do not print any details of transactions anymore (possibly this was removed in rewrite of agent in R12 or move to framework agent).   I think we either need to deprecate it and remove ...
    Mark.ODonohue
    last modified by Mark.ODonohue
  • Tech Tip : CA Single Sign-On : Failing back LDAP store type #1 to server 10.0.0.1:8000

    Question:   We're running a Policy Server and we see the Policy Server writing logs line like :   [smldaputils.cpp:1029][INFO][sm-Server-04410] Failing back LDAP store type #1 to server '10.0.0.1:8000'....
    Patrick-Dussault
    created by Patrick-Dussault
  • Tech Tip : CA Single Sign-On : Validation Period Disabled on Persistent Realm Impact

    Question: I'd like to know what is the consequence of disabling Validation Period on a Realm configured for persistent session ?   Answer: According to documentation, if you disable the Validation Period, t...
    Patrick-Dussault
    created by Patrick-Dussault
  • Tech Tip : CA Single Sign-On : Browser gets randomly error 500

    Issue:   We're running CA Access Gateway (SPS) and randomly users gets return code 500 in the browser and we want to know why and how to fix this.   Cause:   The Policy Server fails to verify the cer...
    Patrick-Dussault
    created by Patrick-Dussault
  • Why is user logged out before max timeout? Why is SM_TIMETOEXPIRE value dropping drastically?

    We are facing an issue where users are unpredictably getting logged out much sooner than the max timeout while being active. For example, a user will login at 8:00am and even though the max timeout is set to 10 hours ...
    vmody
    last modified by vmody
  • Tech Tip : CA Single Sign-On : Policy Server : CPU Spike : CleanServerCmds Error

    Issue: We're running a Policy Server and we observe it is consuming high CPU. I had to restart the service in order to solve the CPU spike. From the Policy Server logs I noticed the following line :   [5279/4...
    Patrick-Dussault
    last modified by Patrick-Dussault
  • Adminui Console 

    My environment Siteminder Admin UI 12.8 windows version   After restarting the System  we can see siteminder adminui is running, Policy Server is running but the admin ui console page cannot be displaye...
    Venuusps
    last modified by Venuusps
  • SSO Access Gateway - Howto enable AuthAz WebServices (with example)

    Here are some video training notes for setting up the AuthAz webservices on SSO Access Gateway.  This came up again recently, for an internal support case, so I hunted up a training video that I had put together ...
    Mark.ODonohue
    last modified by Mark.ODonohue
  • Federation using WAOP + Tomcat

    My org is trying to set up a federation server using the WAOP (v12.52.0108) and Tomcat (7.0.88) architecture in a 12.7 SSO environment. We have run into an issue when configuring a federation where when the SSO servic...
    taylor.swanson
    last modified by taylor.swanson
  • Tech Tip : CA Single Sign-On : Accessing AdminUI URL returns HTTP 404

    Issue:   We're running an AdminUI and today we have no access anymore to the AdminUI and the browser shows error 404 :   https://myserver.mydomain.com:8443/iam/siteminder/adminui 404 - Not Found   W...
    Patrick-Dussault
    created by Patrick-Dussault
  • Tech Tip : CA Single Sign-On : Impossible login on AdminUI

    Issue: We're running an AdminUI and after having changed the external Administrator password, we can't login anymore in the AdminUI.   How can we solve this ?   Environment:   AdminUI 12.8 Policy...
    Patrick-Dussault
    created by Patrick-Dussault
  • When policystore is tampered, will policystore LDAP restore bring back system to normal in a live environment

    I am working on upgrading from CA Siteminder R 12.52 SP 1 CR 05 to CA SSO 12.8. In the process, I exported policystore objects and keys from current live environment (CA Siteminder R 12.52 SP 1 CR 05) using XPSEx...
    krishnakumarsubramaniam
    last modified by krishnakumarsubramaniam
  • LLAWP service not coming up

    LLAWP is not coming up when starting Apache service. It was working fine, however after some migration change, the LLAWP service is not coming up.   Could you please help what went wrong?   Below is the er...
    vivek.s08
    last modified by vivek.s08
  • Tech Tip : CA Single Sign-On : Regarding the End of License and End of Support of CA products

    Question: We're running SiteMinder in our environment and we'd like to know the EOS and EOL of the following components :   1. SiteMinder Policy Server - version : R12SP3CR11 2. SiteMinder SDK - version R12S...
    Patrick-Dussault
    created by Patrick-Dussault
  • Ability to customize claim values inside ID_Token

    score7
    Delivered
    7 votes
    As of now, CA SSO openid connect allows to pass data in user data "as is" in ID_TOKEN. It doesn't allow to modify the data in user directory and pass it as claim value in ID Token (JWT).   We need some kind of p...
    Krishna.Chapati
    last modified by Krishna.Chapati
  • Refresh ID_Token (JWT) along with accessToken

    score7
    Delivered
    7 votes
    As of now, as part of Refresh mechanism, CA SSO issue new access_token only but not  ID_Token (JWT).  As customers use ID_TOKEN issued by CA SSO and it is very critical that CA provi...
    Krishna.Chapati
    last modified by Krishna.Chapati
  • CA SSO - Question on Installation download

    I am trying to download CA Single Sign On installer from https://support.ca.com website. I see below options whenever I try to download the CA SSO installer and which one should I download ? What is the diff...
    GopiReddyIrala
    last modified by GopiReddyIrala
  • Is it possible to authenticate for two apps. 

    The scenario is two applications are configured to use CA SSO/SAML for authenticatication. The user logs into first app and the app has some service end points from the second App (which is again configured for CA SSO...
    ravijay
    last modified by ravijay
  • I can not start IBM HTTP server 9.0x after installing CA Web Agent 12.52

    I can not start IBM HTTP server 9.0x after installing CA Web Agent 12.52 on RH7.6. When I run startup command I am getting the following error [root@ssoker-rhwasnd bin]# ./apachectl -k start httpd: Syntax error on li...
    irinachvets
    last modified by irinachvets