R12.51 CR08
=========
March 2,2016 SiteMinder Web Agent 12.51 CR08 contains fixes for the following tracking numbers:
Tracking # Problem description
---------- -------------------
DE68466 The Windows Step-up Authentication challenges user with the NTLM dialog with an access denied error.
DE71348 If CSSErrorFile is set to a local file path, Web Agent appends extra text strings to the error page.
DE74795 Apache webserver fails to start and determine the path to the .properties file when web agent is enabled.
DE77231 The SMUSRMSG cookie appears even after successful authentication.
DE86771 Web agent crashes if the HTTP_OPENID_DISC cookie is not present in headers for the OpenID
authentication provider.
DE91647 Duplicate ICU shared library files are present in the ICU third-party folder.
DE99651 The SMIDENTITY cookie gets deleted on log out.
DE101425 The web agent configuration wizard fails to update the opmn.xml with Oracle HTTP Server 11g.
DE104560 HTTP Response of BadCSSCharsFound contains incorrect HTML data.
DE101425 The web agent configuration wizard fails to update the opmn.xml with Oracle HTTP Server 11g.
DE104560 HTTP Response of BadCSSCharsFound contains incorrect HTML data.
DE106113 The time unit in SmPortal.cfg is incorrectly represented in milliseconds.
DE106339 Enabling EnableAuditing and disabling IgnoreQueryData create unexpected audit log entries.
DE134829 Web Agent encodes special characters before the r.hook '?' during a redirect to the cookie provider.
R12.51 CR07
=========
September 30, 2015 SiteMinder Web Agent 12.51 CR07 contains fixes for the following tracking numbers:
Tracking # Problem description
---------- -------------------
53752 The /siteminderagent/pw virtual directory does not contain the template files and PWS.fcc files.
161398 CSS Vulnerability exists in Siteminder Forms Templates of non-agent framework Web Agents.
127012 The IIS worker process crashes under load after 60 hours as the web agent fails to initialize.
55714 The Windows PATH variable is appended with duplicate values after reinstalling Web Agent.
163053 CAPKI is upgraded to CAPKI 4.3.8 release.
156629 The Apache Web Agent causes high CPU usage.
161175 Web Agent is getting initialized even though agent is not configured to the website.
161606 Web Agent replaces the space character with the "+" character during the post preservation process if the multipart/form-data encryption is used.
146604 Web agent host registration fails when the CA SiteMinder administrator password contains the "%" character.
The Web Agent r12.51 CR07 release contains the following certifications:
Support for Web Agent on Red Hat JWS HTTP Server 3.0 (64-bit) on RHEL 6 (64-bit)
R12.51 CR06
=========
May 22, 2015 SiteMinder Web Agent 12.51 CR06 contains fixes for the following tracking numbers:
Tracking # Problem description
---------- -------------------
141160 SAMLDataPlugin fails to accept the UseSecureCookies ACO parameter for Web Agent on the target application of Service Provider.
119892 Agent log output is incorrect for DefaultAppPool that is enabled with 32-bit applications.
74661 Agent fails to display the page in the browser when you re-authenticate after the timeout.
152968 ACO parameter AutoAuthorizeOptions limits only to OPTIONS method if you enable it. A new ACO parameter
AutoAuthorizeHttpMethods comprises OPTIONS and HEAD methods by default. You can add additional methods to this parameter.
71833 Agent on IIS 7.5 continuously restarts after you add the second web site to the Web Server.
114493 The URL access request blocks when you access a URL which contains %c0%af with DisAllowUTF8NonCanonical flag set to no in ACO.
R12.51 CR05
=========
November 28, 2014 SiteMinder Web Agent 12.51 CR05 contains fixes for the following tracking numbers:
Tracking # Problem description
---------- -------------------
139097 IBM Domino Web Server 8.53 64-bit on AIX 7.1 64-bit terminates abruptly, when you enable the Web Agent.
126845 Web Agent erroneously deletes the third party cookie which contains string SMSESSION.
73275 Forms credentials collector page fails to display with ZOS web agent.
65158 Exit impersonation terminates abruptly in 12.5x due to the missing SMSAVEDSESSION cookie.
62057 The Web Agent vulnerability in SMAUTHREASON with non-numeric data, is exposed to JSP/JavaScript attack.
137042 Number of open file handles keep increasing on IBM Domino Web Server 8.5.3 64-bit on AIX 7.1 (64-bit) when Web Agent is in use.
73267 On re-authentication for a POST request, a plus character gets changed to a space character in postpreservationdata.
136920 Apache based Web Agent module terminates abruptly due to improper error handling.
The Web Agent r12.51 CR05 release contains the following certifications:
- Support for Web Agent on IBM Domino Web Server 8.53 64-bit on AIX 7.1 (64-bit)
- Support for Web Agent on Apache 2.4 (64-bit) on Windows 2012 (64-bit)
R12.51 CR04
=========
July 31, 2014 SiteMinder Web Agent 12.51 CR04 contains fixes for the following tracking numbers:
Tracking # Problem description
---------- -------------------
54393, 62081 The Apache agent appends the default error document while accessing a FCC page.
53621,62089 Web Agent configured with forms authentication scheme generates different return codes for a valid user
name/invalid password and invalid user name/invalid password.
55007 DefaultAppPool in IIS terminates abruptly if the user account is locked after the defined incorrect
password attempts.
54137, 62083 DefaultAppPool in IIS terminates abruptly if the NTLM header length exceeds 256 characters.
55020 IIS terminates abruptly when it authenticates an already authenticated user.
55115 Web Agent terminates abruptly when trying to resolve a host name that contains invalid characters.
55021 The Apache WebAgent does not support graceful Apache restart.
62993, 73395 Web Agent requests User ID again when the Password Force Change policy is configured.
54308, 62088 SSO functionality fails to work when user session moves from non-persistent session to persist
session.
55892, 79811 If the Web Agent is configured, the Apache's FastCGI modules goes in to the zombie/defunct state.
55676, 73268 A plus character '+' changes to ' ' on re-authentication of a POST request in postpreservationdata.
52762, 62063 The SunOne WebAgent terminates abruptly when a large URL ends with the '%' character.
55227, 55294 The Web Agent fails to display the Login.fcc page properly in HP-Itanium platform.
63369 Silent Installation and Configuration of Web Agent on IIS 8 are not working as expected.
53774 The Policy Server fail-over takes longer than expected.
54835 Web Agent's log contains time stamps in different time zones.
54285 Web Agent for OHS 12c and OHS 12c-64 bit are not supported on Linux platform.
62888 Web Agent for OHS 12c-64 bit is not supported on Windows platform.
55280, 62050 Web Agent re-challenges the user for authentication when the user tries to download the XLS files from
browser.
55724 Web Agent reports -1, -2 erros and Policy Server reports 107 error when a resource is accessed after idle timeout.
54542, 62065 Web Agent crashes under load.
53357, 62070 User gets re-challenged when cookie size exceeds the configured limit.
97578 The SmPortalVfy.exe utility displays an incorrect Policy Server version.
55010 Unable to receive "x-frame-options" header variable in response while accessing a resource.
55435,54982, 73266 Log in fails when a user with no authorization privilege tries to login if the HttpheaderEncodingSpec=UTF-8,RFC-2047 and ProxyAgent=yes options are set.
R12.51 CR03
=========
March 27, 2014 SiteMinder Web Agent 12.51 CR03 contains fixes for the following tracking numbers:
Tracking # Problem description
--------- -------------------
177053,178647 When login.fcc is accessed with incorrect URL,the Apache process terminates abruptly.
175608 The performance degrades when WWSI is integrated with a Web Agent on IIS Server.
167113,178153 The urlencode function in FCC encoding fails to encode $.
171814,178540 The curly brackets in SMTOKEN cause the hardware load balancer to block the request.
173905,178659 The NTLM authentication fails on IIS Web Agent when the NTCExt ACO parameter is not defined.
170800,178668 The Domino Web Agent terminates abruptly when processing requests with long URLs.
166924,178152 Agent Name containing a character listed in the BadFormChars ACO parameter fails to allow access to a protected resource.
167938,178155 User redirection to password services page fails when smretries is set to 1 and the user is disabled
due to inactivity.
139097,180801 IIS Web Agent 7.5 terminates abruptly if the DisableUserNameVars ACO is disabled.
178163,170655 Web Agent fails to trace TransactionID that is used for authentication.
178594 Web Agent fails to protect resource on IIS Web Server when IISCacheDisable ACO parameter is enabled.
178650,176078 With an IIS 7.5 web agent, whenever the web.config file is updated, the users are redirected to an error page.
181962,178666,171690 Web Agent fails to copy the PWS.fcc template file in to the /siteminderagent/pw virtual directory.
178669,169009 Web Agent for Apache 2.2 fails to preserve header values even when the PreserveHeaders ACO parameter is enabled.
178670 Web Agent on Apache Web Server appends extra bytes while serving the HTML Form authentication page.
178994 Web Agent is now certified for Windows 2012 (x64) platform.
R12.51 CR02
=========
February 25, 2014 SiteMinder Web Agent 12.51 CR02 contains fixes for the following tracking numbers:
Tracking # Problem description
---------- -------------------
This component is not released as part of 12.51 CR2.
R12.51 CR01
=========
July 3, 2013 Web Agent 12.51 CR01 contains fixes for the following tracking numbers:
Tracking # Problem description
---------- -------------------
165048 The Web Agent installer now correctly detects the Oracle HTTP Server 11g on Windows 2008 R2 64-bit
168230 When the "Enable Webagent" parameter is set to yes in an ACO, the web agent no longer reports the value of this parameter twice in the agent log file.
168299 The Web Agent configuration wizard will now allow administrators to preserve or overwrite configuration of
web server instances which were previously configured
168674 The web agent now supports new "overlooksessionaspattern" configuration parameter
169173 The Web Agent installer now correctly installs filter component for a Domino Web Server on the AIX operating
system
169329 The IIS Web Server log now correctly reports return codes from the Web agent
169796 The Web Agent Configuration wizard now correctly configures the "Certificate or Form" authentication scheme
on Apache 2.2 web servers.
170234 The Web Agent installer now correctly installs 32-bit IIS ISAPI filters on Windows 64-bit operating systems
170580 The Web Agent now correctly constructs the redirection URL when ConstructFullPwsvcUrl parameter is set to yes and the Password Policy Redirection URL contains a fully qualified URL
170592 The IIS Web Agent no longer doubles response attributes when PreserveHeaders setting is set and a resource is accessed by default document
170619 The Web Agent will now start properly when it is configured to use more than 1024 log files.
170687 The Web Agent now correctly handles query parameters defined in the "Target URL" attribute of an authentication scheme
170994 The SmPortal.cfg file is installed in the correct directory for the Web Agent.
171017 The IIS7 Web Agent no longer spawns child requests for every request processed resulting in increased performance
171042 Various language translation issues in default fcc template files have been addressed in this release
171158 A user is authenticated to the correct user with Integrated Windows Authentication
171208 The Web Agent will no longer send frequent Agent Discovery updates to the Policy Server