Patrick-Dussault

Latest Knowledge Base Articles for CA Single Sign-On :: 2018 - 07 - 31

Discussion created by Patrick-Dussault Employee on Aug 6, 2018

Hi folks !

 

Find below the list of the latest Knowledge Base Articles for Single
Sign-On (Formerly CA SiteMinder) published or updated since July 1
2018:

 

Latest 20 published Knowledge Documents :

 

 

 

WHAT IS THE RECOMMENDED APPROACH TO RENEW A FEDERATION SIGNING CERTIFICATE THAT IS ABOUT TO EXPIRE?
kb000108733

 

This document provides information on how to renew signing certificate

 

CA ACCESS GATEWAY(SECURE PROXY SERVER) ACTING AS IDP IS USING THE ASSERTIONCONSUMERSERVICEURL IN AN AUTHENTICATION REQUEST EVEN THOUGH THE ACCEPT ACS URL IN THE AUTHNREQUEST OPTION IS NOT SELECTED
kb000108654

 

This document describes a known issue where CA Access Gateway(Secure Proxy Server) acting as IDP is using the AssertionConsumerServiceURL in an authentication request even though the Accept ACS URL in the Authnrequest option is not selected

 

HOW DO I PREVENT A COOKIE REPLAY ATTACK IN SITEMINDER?
kb000108733

 

This document provides information on how to prevent cookie replay attacks in Siteminder

 

AUTHENTICATION CHAIN WITH IWA AUTHENTICATION SCHEME FALLBACK TO FORM NOT HAPPENING PCS OUTSIDE COMPANY DOMAIN
kb000108650

 

This document describes use case on how to configure authentication chain IWA fallback to form

 

THE POLICY STORE COULD NOT BE INITIALIZED WHILE CONFIGURING THE POLICY STORE
kb000108648

 

This document describes a use case where the policy server reports The policy store could not be initialized error while configuring the policy store

 

WHEN TRYING TO AUTHENTICATE THROUGH SSO AUTHAZWS FROM CA API GATEWAY THE ACCESS GATEWAY DOES NOT RESPOND
kb000108638

 

When trying to authenticate through AuthAzWS from CA API gateway the access gateway does not respond . u000au000aWhen is done through a web browser, or via SOAPUI, directly to the backend then the request works

 

HOW TO ENABLE ADMINUI RESTAPI TRACES?
kb000103255

 

This document shows the steps needed to enable tracing for the RestAPI

 

WHEN WILL CA ACCESS GATEWAY EMBEDDED TOMCAT BE UPGRADED FROM 7.0.82
kb000108559

 

When will Tomcat in Access Gateway be upgraded to 7.0.82 or newer.

 

ADMINUI FROZEN AND HANDSHAKE ERRORS DUE TO SOCKET ERROR 0
kb000107619

 

This document explains how you can solve this situation when the errors mentioned appear

 

HOW CAN I START WEB AGENT USING SYSTEMCTL INSTEAD APACHECTL?
kb000107936

 

This document shows what steps need to be done to start your Web Agent running on Apache web server in RHEL7 using systemctl

 

IS THERE A LIST OF PUBLIC DOMAINS THAT ARE ALLOWED FOR THE REDIRECT URI'S?
kb000101467

 

We only allow public domains that are below in this document. You should not be able to put just any domain in. You could put an enhancement on the idea wall on ca communities to put a check box not to validate that url against a format. Remember - These public domains listed below in the document are the only domains that are validated because there is concern for security reasons that the redirect uri would redirect to an invalid domain/not validated domain without restricting domains.u000au000aYou can use a 3rd party Dns Lookup tool to check validated public domains.

 

WHY AM I GETTING ERRORS ON AN XPS IMPORT ON THE POLICY SERVER ON DUPLICATE DATA,
kb000102280

 

This question can come up in the process of making an parallel upgrade with the policy store for any CA SSO

 

REQUEST FORM SUBMISSION ERROR IN FEDERATED APPLICATION
kb000108153

 

When user/Vendor tried to enter the data in POL application request form page after a minute page is refreshing all the data is getting wiped off.

 

XPSSWEEPER WSFEDSP OBJECT 'CANNOT BE SAVED' ERROR
kb000108152

 

12.7 SP2 XPSSweeper is finding SharePoint Agent related errors that were not found by 12.52 SP1 Sweeper.

 

HOW TO DISABLE HTTP PORT FOR ADMIN UI
kb000108151

 

http port disable for security scan

 

IN TOMCAT ENVIRONMENT, SMSESSION COOKIE IS NOT DECODE BY WEBAGENT.
kb000046200

 

In SSO environment launched Tomcat, WebAgent can't decode SMSESSION cookie, because SMSESSION cookie contains double quatation("").

 

COMMUNICATION FAILURE BETWEEN SITEMINDER POLICY SERVER AND WEB AGENT
kb000108132

 

What does the message "Communication failure between SiteMinder policy server and web agent." mean?

 

RUNNING SMTEST TOOL, WHERE DO I FIND THE .INI FILE ?
kb000077678

 

This technote (Knowledge Document) gives some details about the performance testing with the smtest tool.

 

SPS HTTPD ACCESS LOGS ARE NOT ROTATING
kb000095816

 

we have been seeing an issue with httpd logs filling up our disks. the rotatelogs configuration is in place but they do not rotate the logs and the access log keeps filling up. Please advice. Version details are below:- Attached the httpd.conf file. u000au000aProduct Name=CA SiteMinder Secure Proxy Server u000a12.52 SP1 CR07

 

CAPKI UNINSTALL TOOL DOES NOT WORK
kb000016700

 

This document explains why the installation does not seem to respond and which steps to follow know more about the issue, and eventually solve it

 

 

 

 

Here are the Top 20 most consulted Knowledge Document last month :

 

SMAUTHREASON reason code document (Legacy_Onyx KB Id: 176074)
kb000054936

 

Server Error 10-0004
kb000039843

 

SM web agent LLAWP failed to initialized with Apache 2.4 on startup due to Semaphore issue
kb000005014

 

Policy Server :: Disable Flag : SmAuthReason
kb000049509

 

Agent Api function failed when load balancer is introduced between agent and policy server
kb000038141

 

Steps to Re-register Admin UI
kb000009742

 

Error (in Event Viewer): Failed to initialize the message bus.
kb000050994

 

Unable to resolve fully qualified host name. Exiting with HTTP 500 server error '00-0016'
kb000005450

 

Resolving Problems installing the Java JCE Unlimited Strength Jurisdiction Policy Files package
kb000005450

 

CA Access Gateway (formerly Secure Proxy Server): Commonly Tuned Parameters
kb000043275

 

Web Agent IPC Error
kb000050269

 

What is the meaning of the WebAgent error message 20-0004?
kb000053446

 

Why WebServer user is required to have write permission on the "SmHost.conf" file?
kb000050544

 

systemctl and Web Agent startup settings for Red Hat Apache Web Server 2.4.x
kb000004165

 

Web agent unable to process SMSESSION
kb000041040

 

How to protect a Tomcat web application using Siteminder.
kb000053831

 

SiteMinder Error Codes
kb000055096

 

What are the possible handshake errors in policy server?
kb000042071

 

HTTP Status 400 - Bad Request with Error messasge BAD_SAML_REQUEST_ENCODING
kb000007847

 

How to Enable SPS logs
kb000009687

 

Best Regards,

Patrick

Outcomes