Thank you for your response Mr Shrestha.
Our situation was changed, the cause of this problem was proved.
so, I have two new questions.
These questions are written on bottom of this response.
1.
>Are you using static agent keys or dynamic agent keys ?
use dynamic agent keys. but never roll over.
>Also I can't see any reason why it would break (if it was working earlier) by just switching the user directory.
I thought so too.
but now, cause of this problem was proved.
Please see my response under "---------------".
2.
>No, doManagement() call doesn't rollover agent keys.. Remember agent keys are rolled over from Policy Server side >not the agent side ...
yeah, I see.
well, My understanding of how agent-key roll over works is as below.
①Do agent key roll over on policy server side.
②WebAgent fetchs new agent keys from policy server using doManagement() method.
③WebAgent replaces its agent keys
---------------
Situation was changed.
Actually, This problem was caused by RFC 2109.
That is, Custom agent created SMSESSION contains "=" character.
and then, WebApplication Server(Liferay) surrounds SMSESSION value by Double-Quatation.
for example,
actual SMSESSION
foiwejgwsui46nvsdoforu2390tnwovgs89tj3nnv9we8g==
SMSESSION in WebApplication Response
"foiwejgwsui46nvsdoforu2390tnwovgs89tj3nnv9we8g=="
Client did not send the former but the latter.
Therefore, CA WebAgent couldn't decrypt the latter SMSESSION.
I have two questions.
1
Can JNI custom agent or CA WebAgent be set as belows?
--JNI custom Agent
Does not create SMSESSION contains "=" character.
--CA WebAgent
Can interpret SMSESSION surrounded by Double-Quatation.
2.
I would like to confirm how to distinguish whether agent key roll over done or not.
I think following conditions are enough to judge agent keys roll over are done.
①Return code of doManagement() is AgentAPI.YES
②AttributeList from doManagement() contains following Attributes.
・AgentAPI.AGENT_KEY_UPDATE_CURRENT
・AgentAPI.AGENT_KEY_UPDATE_LAST
・AgentAPI.AGENT_KEY_UPDATE_NEXT
・AgentAPI.AGENT_KEY_UPDATE_PERSISTENT