Layer 7 Access Management

Tech Tip : Changes made in Fed Object not reflected in CA Access Gateway / Secure Proxy Server

  • 1.  Tech Tip : Changes made in Fed Object not reflected in CA Access Gateway / Secure Proxy Server

    Posted 12-01-2016 06:39 AM

    Introduction:

    When doing some changes with the FSSUI on the Legacy Federation objects, changes are not taken into account automatically by CA Access Gateway/SPS. This is also true for Web Agent Option Pack running on Tomcat/Servlet Exec.

    FWS application still reference old objects values (like Assertion Consumer URL and others).

     

     

    Instructions:

    1. There is a fix available in R12.52 SP1 CR06 / R12.52 SP2 CR01 :

    Background and Issue
    =================
    As per customer, when ACS URL is changed in Policy Server, WAOP is not picking up unless a manual 'FlushAll' is done or app server is restarted.

    Summary of Change
    ================
    When a Legacy SAML Service Provider object/Resource Partner/Affiliate object is created, on submit, now UI code calls FlushAll so that the changes are reflected in WAOP on the next DoManagement thread execution.

     

    2. As Best Practice, it is always better to restart Access Gateway/SPS or WAOP servlet engine to ensure the changes are taken into account.