AnsweredAssumed Answered

Session Validation Error

Question asked by VVK on Oct 17, 2016
Latest reply on Oct 30, 2016 by VVK

Hi,

 

We are getting below issue after pointing(Without Host re-registration) the WebAgent(R12SP3CR09) on application webserver from SiteMinder R12 environment to R12.52 SP02 environment. Even after successful authentication user is still getting the login page.

 

SMAccess logs on policy server -

 

AuthAccept AAP45 [17/Oct/2016:00:18:36 -0700] "xx.xx.***.x <UserDN>" " apps-agent GET /apps/store/test.jsp " [idletime=0;maxtime=670794924;authlevel=4;] [0]  [] []

AuthAccept AAP45 [17/Oct/2016:00:18:44 -0700] "xx.xx.***.x <UserDN>" " apps-agent GET /apps/store/test.jsp " [idletime=0;maxtime=670794916;authlevel=4;] [0]  [] []

AuthAccept AAP45 [17/Oct/2016:00:18:51 -0700] "xx.xx.***.x <UserDN>" " apps-agent GET /apps/store/test.jsp " [idletime=0;maxtime=670794909;authlevel=4;] [0]  [] []

AuthAccept AAP45 [17/Oct/2016:00:19:00 -0700] "xx.xx.***.x <UserDN>" " apps-agent GET /apps/store/test.jsp " [idletime=0;maxtime=670794900;authlevel=4;] [0]  [] []

ValidateReject AAP45 [17/Oct/2016:00:19:30 -0700] "xx.xx.xxxx " " apps-agent GET /apps/store" [] [2] Invalid key in use [] []

 

It seems like policy server failed to validate the session. AuthReason 2 shows Invalid Session.

Is it issue because of session ticket key? If yes, then how it’s working fine for an application which we migrated/repointed from R12 & R12.52 environment.

 

The webagent(Pointed to R12.52) logs on centralized server serving the login pages shows below error message –

[WARNING] Unable to process SMSESSION cookie.

 

Additional details – All policy servers in R12.52 environment are having same encryption key and pointed to a common key store collated with Policy store. One of the policy server is configured to Generate the agent keys.

We have not yet checked the application WebAgent logs.

 

Can you please help with above issue?

Outcomes