AnsweredAssumed Answered

SAML federation no longer work when upgrading web agent + agent optionpack to r12.52

Question asked by dmt953 on Jul 21, 2016
Latest reply on Jul 21, 2016 by Kelly Wong

Hello,

 

I previously posted this issue but closed it because we had multiple issues which were caused by an upgrade from r12.0 to r12.52 policy server.  We initially seen two issues with our upgrade first is with SSO between our old r12.0 policy server to our new r12.52 policy server and the second issue is the Federation Services fails after we run the in-place upgrade of the web agent and agent option pack from r12.0 SP3 to r12.52 SP1 CR5.

 

The general error I see in the FWTrace.log is that it is complaining that it is unable to find the SAML service partner ID that I am trying to invoke SAML SSO with, but when I look in the WAMUI I can confirm that it is there and able to bring up the configuration.  Once again, I did not face this issue in our DEV environment so I am very puzzled to why I am encountering this issue in our QA environment.

 

Any help or advise is very much appreciated!

 

 

FWTrace.log:

[07/21/2016][01:07:25][3216][2928499600][][agentcommon][][Requesting data for ConfigManager ID /usr/pservices/ca/siteminder/webagent/config/SmHost.conf and SmAgentConfig ID /usr/pservices/ers/servers/smfss-stg/conf/WebAgent.conf]

[07/21/2016][01:07:25][3216][2928499600][][agentcommon][][Administration Manager is returning data for ConfigManager ID /usr/pservices/ca/siteminder/webagent/config/SmHost.conf and SmAgentConfig ID /usr/pservices/ers/servers/smfss-stg/conf/WebAgent.conf]

[07/21/2016][01:07:25][3216][2928499600][e172145d-27602c9d-4ef44ad7-742dbb61-750d51c3-6e][SSO.java][doGet][SAML2 Single Sign-On Service received GET request.]

[07/21/2016][01:07:25][3216][2928499600][e172145d-27602c9d-4ef44ad7-742dbb61-750d51c3-6e][FWSBase.java][doRequestLog][Requesting Host: 10.22.143.10 Requesting Host IP: 10.22.143.10 Request protocol: HTTP/1.1 Request was secure: false Authentication type: null]

[07/21/2016][01:07:25][3216][2928499600][e172145d-27602c9d-4ef44ad7-742dbb61-750d51c3-6e][SSO.java][doGet][Query String: SPID=http://fs.stg.hodesiq.com]

[07/21/2016][01:07:25][3216][2928499600][e172145d-27602c9d-4ef44ad7-742dbb61-750d51c3-6e][SSO.java][getSavedRequestDataUsingGuid][Enter getSavedRequestDataUsingGuid]

[07/21/2016][01:07:25][3216][2928499600][][DelegatedAuthHelper][getCookie][Cookie Name: WT_FPC]

[07/21/2016][01:07:25][3216][2928499600][e172145d-27602c9d-4ef44ad7-742dbb61-750d51c3-6e][SSO.java][doGet][Request is UNSOLICITED!]

[07/21/2016][01:07:25][3216][2928499600][][agentcommon][][Requesting data for ConfigManager ID /usr/pservices/ca/siteminder/webagent/config/SmHost.conf and SmAgentConfig ID /usr/pservices/ers/servers/smfss-stg/conf/WebAgent.conf]

[07/21/2016][01:07:25][3216][2928499600][][agentcommon][][Administration Manager is returning data for ConfigManager ID /usr/pservices/ca/siteminder/webagent/config/SmHost.conf and SmAgentConfig ID /usr/pservices/ers/servers/smfss-stg/conf/WebAgent.conf]

[07/21/2016][01:07:25][3216][2928499600][e172145d-27602c9d-4ef44ad7-742dbb61-750d51c3-6e][SSO.java][processRequest][Reading SAML 2.0 SP Configuration [CHECKPOINT = SSOSAML2_SPCONFREAD_REQ]]

[07/21/2016][01:07:25][3216][2928499600][e172145d-27602c9d-4ef44ad7-742dbb61-750d51c3-6e][SAML2Base.java][getServiceProviderInfo][Trying to fetch SAML2.0 SP Configuration from cache [CHECKPOINT = SAML2_SPCONFFROMCACHE_REQ]]

[07/21/2016][01:07:25][3216][2928499600][e172145d-27602c9d-4ef44ad7-742dbb61-750d51c3-6e][SAMLTunnelClient.java][getServiceProviderInfoByID][Provider ID: http://fs.stg.hodesiq.com.]

[07/21/2016][01:07:25][3216][2928499600][][agentcommon][][Requesting data for ConfigManager ID /usr/pservices/ca/siteminder/webagent/config/SmHost.conf and SmAgentConfig ID /usr/pservices/ers/servers/smfss-stg/conf/WebAgent.conf]

[07/21/2016][01:07:25][3216][2928499600][][agentcommon][][Administration Manager is returning data for ConfigManager ID /usr/pservices/ca/siteminder/webagent/config/SmHost.conf and SmAgentConfig ID /usr/pservices/ers/servers/smfss-stg/conf/WebAgent.conf]

[07/21/2016][01:07:25][3216][2928499600][e172145d-27602c9d-4ef44ad7-742dbb61-750d51c3-6e][SAMLTunnelClient.java][getServiceProviderInfoByID][Tunnel result code: 2.]

[07/21/2016][01:07:25][3216][2928499600][e172145d-27602c9d-4ef44ad7-742dbb61-750d51c3-6e][SAMLTunnelClient.java][getServiceProviderInfoByID][Exception caught in class com.netegrity.affiliateminder.webservices.saml2.dm, method getServiceProviderInfoByID: java.lang.IllegalArgumentException: "Cannot parse bytes to a ProviderDataResponseData"]

[07/21/2016][01:07:25][3216][2928499600][e172145d-27602c9d-4ef44ad7-742dbb61-750d51c3-6e][SAML2Base.java][getServiceProviderInfo][SAML2.0 SP Configuration is not in cache. Requesting to get from policy server [CHECKPOINT = SSOSAML2_SPCONFFROMPS_REQ]]

[07/21/2016][01:07:25][3216][2928499600][e172145d-27602c9d-4ef44ad7-742dbb61-750d51c3-6e][SAML2Base.java][getServiceProviderInfo][Could not find service provider information for sp: http://fs.stg.hodesiq.com Message: null.]

[07/21/2016][01:07:25][3216][2928499600][e172145d-27602c9d-4ef44ad7-742dbb61-750d51c3-6e][SAML2Base.java][getServiceProviderInfo][Could not find service provider information for idp: http://fs.stg.hodesiq.com.]

[07/21/2016][01:07:25][3216][2928499600][e172145d-27602c9d-4ef44ad7-742dbb61-750d51c3-6e][SSO.java][processRequest][Transaction with ID: e172145d-27602c9d-4ef44ad7-742dbb61-750d51c3-6e failed. Reason: NO_PROVIDER_INFO_FOUND]

[07/21/2016][01:07:25][3216][2928499600][e172145d-27602c9d-4ef44ad7-742dbb61-750d51c3-6e][SSO.java][processRequest][No SAML2 provider information found for SP http://fs.stg.hodesiq.com.]

[07/21/2016][01:07:25][3216][2928499600][e172145d-27602c9d-4ef44ad7-742dbb61-750d51c3-6e][SSO.java][processRequest][Ending SAML2 Single Sign-On Service request processing with HTTP error 400]

[07/21/2016][01:07:25][3216][2928499600][][agentcommon][][Requesting data for ConfigManager ID /usr/pservices/ca/siteminder/webagent/config/SmHost.conf and SmAgentConfig ID /usr/pservices/ers/servers/smfss-stg/conf/WebAgent.conf]

[07/21/2016][01:07:25][3216][2928499600][][agentcommon][][Administration Manager is returning data for ConfigManager ID /usr/pservices/ca/siteminder/webagent/config/SmHost.conf and SmAgentConfig ID /usr/pservices/ers/servers/smfss-stg/conf/WebAgent.conf]

[07/21/2016][01:07:25][3216][2928499600][][agentcommon][][Requesting data for ConfigManager ID /usr/pservices/ca/siteminder/webagent/config/SmHost.conf and SmAgentConfig ID /usr/pservices/ers/servers/smfss-stg/conf/WebAgent.conf]

[07/21/2016][01:07:25][3216][2928499600][][agentcommon][][Administration Manager is returning data for ConfigManager ID /usr/pservices/ca/siteminder/webagent/config/SmHost.conf and SmAgentConfig ID /usr/pservices/ers/servers/smfss-stg/conf/WebAgent.conf]

[07/21/2016][01:07:25][3216][2928499600][e172145d-27602c9d-4ef44ad7-742dbb61-750d51c3-6e][ErrorRedirectionHandler.java][redirectToErrorPage][Sending HTTP Error 403 ]

[07/21/2016][01:07:30][3216][2933418896][][CustomPostPageCache][performUpdate][Checking for updates]

Outcomes