Hi,
I have configured my realm to authentication using Kerberos authentication.
every time the web-agent (which is installed on a Secure Proxy Server) send the kerberos token to the policy server, the policy server crashes and restart.
even when I use the Siteminder test tool, isAuthenticated request cause the policy server to crash.
I used to step-by-step guide from the community for this setup.
general infomration:
CA SSO 12.6 SP2
JDK 1.8
when in-memory tracing is enabled I get the following data in the crash file:
05/21/2017|19:06:20.074|19:06:20|3160|5064|CServer.cpp:1497|ThreadPool::Run|||||||||||||||192.168.20.10|51911|||||Dequeuing a Normal Priority message, from IP 192.168.20.10 with Port No 51911. Current count is 0|
05/21/2017|19:06:20.074|19:06:20|3160|1556|CServer.cpp:1936|CAgentMessageHandler::HandleInput|||||||||||||||192.168.20.10|51911|||||Enqueuing a Normal Priority Message, from IP 192.168.20.10 with Port No 51911. Current count is 0|
05/21/2017|19:06:20.074|19:06:20|3160|5064|CServer.cpp:6108|CServer::ProcessRequest|||||||||||||||||||||Enter function CServer::ProcessRequest|
05/21/2017|19:06:20.074|19:06:20|3160|5064|CServer.cpp:6294|CServer::ProcessRequest|||||||||||||104||||||||Leave function CServer::ProcessRequest|||||||||||||||||||||||||||||||||||||00:00:00.000000|
05/21/2017|19:06:20.325|19:06:20|3160|4236|SmObjCache.cpp:524|CSmObjCache::Cleanup|||||||||||||||||||||Cleanup the object cache.|
05/21/2017|19:06:20.356|19:06:20|3160|364|SmDsLdapProvider.cpp:1244|CSmDsLdapProvider::InitDir|||||||||||||||||||||Binding 'dir' connection to LDAP server bank #1: dc.bnhptest.local:389|
05/21/2017|19:06:20.356|19:06:20|3160|364|SmLdapPs.cpp:146|SmLdapPs::set_prldap_opt_io_max_timeout|||||||||||||||||||||PRLDAP_OPT_IO_MAX_TIMEOUT set to 10000 milliseconds|
05/21/2017|19:06:20.356|19:06:20|3160|364|SmLdapPs.cpp:146|SmLdapPs::set_prldap_opt_io_max_timeout|||||||||||||||||||||PRLDAP_OPT_IO_MAX_TIMEOUT set to 22000 milliseconds|
05/21/2017|19:06:20.356|19:06:20|3160|364|SmLdapPs.cpp:146|SmLdapPs::set_prldap_opt_io_max_timeout|||||||||||||||||||||PRLDAP_OPT_IO_MAX_TIMEOUT set to 10000 milliseconds|
05/21/2017|19:06:20.356|19:06:20|3160|364|SmObjCache.cpp:830|CSmObjCache::Fetch|||||||||||||||||||||Retrieve an object from the object cache.||||1c-67b3c2b0-9e28-11d3-95e7-00c04f7468ef|
05/21/2017|19:06:20.356|19:06:20|3160|364|SmObjStore.cpp:3538|IsADEnhanced|||||||||||||||||||||Global Preferences:|||||
05/21/2017|19:06:20.356|19:06:20|3160|364|SmDsLdapProvider.cpp:1371|CSmDsLdapProvider::InitDir|||||||||||||||||||||Binding 'user' connection to LDAP server bank #1: dc.bnhptest.local:389|
05/21/2017|19:06:20.356|19:06:20|3160|364|SmLdapPs.cpp:146|SmLdapPs::set_prldap_opt_io_max_timeout|||||||||||||||||||||PRLDAP_OPT_IO_MAX_TIMEOUT set to 10000 milliseconds|
05/21/2017|19:06:20.356|19:06:20|3160|364|SmLdapPs.cpp:146|SmLdapPs::set_prldap_opt_io_max_timeout|||||||||||||||||||||PRLDAP_OPT_IO_MAX_TIMEOUT set to 10000 milliseconds|
05/21/2017|19:06:20.356|19:06:20|3160|364|SmDsLdapProvider.cpp:1438|CSmDsLdapProvider::InitDir|||||||||||||||dc.bnhptest.local|389|||||Using LDAP server bank #1|
05/21/2017|19:06:20.356|19:06:20|3160|364|SmDsDir.cpp:81|CSmDsDir::CSmDsDir|||||||||||||||||||||Return from call InitDir.|
05/21/2017|19:06:20.356|19:06:20|3160|364|SmDsObj.cpp:94|CSmDsObj::IsValid|||||||||||||||||||||Start of call IsValid.|
05/21/2017|19:06:20.356|19:06:20|3160|364|SmDsObj.cpp:96|CSmDsObj::IsValid|||||||||||||1||||||||Return from call IsValid.|
05/21/2017|19:06:20.356|19:06:20|3160|364|SmDsDir.cpp:1080|CSmDsDir::GetDirectoryVersionInfo|||||||||||||||||||||Enter function CSmDsDir::GetDirectoryVersionInfo|
05/21/2017|19:06:20.356|19:06:20|3160|364|SmDsDir.cpp:1082|CSmDsDir::GetDirectoryVersionInfo|||||||||||||3||||||||Leave function CSmDsDir::GetDirectoryVersionInfo|||||||||||||||||||||||||||||||||||||00:00:00.000000|
05/21/2017|19:06:20.356|19:06:20|3160|364|SmObjCache.cpp:830|CSmObjCache::Fetch|||||||||||||||||||||Retrieve an object from the object cache.||||1c-67b3c2b0-9e28-11d3-95e7-00c04f7468ef|
05/21/2017|19:06:20.356|19:06:20|3160|364|SmObjStore.cpp:3538|IsADEnhanced|||||||||||||||||||||Global Preferences:|||||
05/21/2017|19:06:20.356|19:06:20|3160|364|smauthkerberos.cpp:140|SmAuthQuery|||||||||||||||||||||Enter function SmAuthQuery|
05/21/2017|19:06:20.356|19:06:20|3160|364|SmAuthServer.cpp:335||||||||||||||||||||||LogMessage:INFO:[sm-Server-02750] Loaded authentication scheme internal desktops sso. Version 768 . SiteMinder (TM) Kerberos Authentication Scheme|
05/21/2017|19:06:20.356|19:06:20|3160|364|smauthkerberos.cpp:183|SmAuthInit|||||||||||||||||||||Enter function SmAuthInit|
Stack Trace:
Ordinal9()-[0x73A40000] - C:\Program Files\CA\siteminder\bin\krb5_64.dll
krb5_cc_resolve()-[0x73A47630] - C:\Program Files\CA\siteminder\bin\krb5_64.dll
SmAuthenticate()-[0x7FF9CFA82130] - C:\Program Files\CA\siteminder\bin\smauthkerberos.dll
SmAuthInit()-[0x7FF9CFA806F0] - C:\Program Files\CA\siteminder\bin\smauthkerberos.dll
SmSamlDataProvider::operator=()-[0x7FF9D369DA90] - C:\Program Files\CA\siteminder\bin\SmAuth.dll
CSmAuthUser::AuthenticateUserDir()-[0x7FF9D36BDE30] - C:\Program Files\CA\siteminder\bin\SmAuth.dll
CSmSessionAssuranceCache::~CSmSessionAssuranceCache()-[0x7FF6F1830AF0] - C:\Program Files\CA\siteminder\bin\smpolicysrv.exe
CSmAz::SetContextContainer()-[0x7FF6F17F8B10] - C:\Program Files\CA\siteminder\bin\smpolicysrv.exe
CSmSessionAssuranceCache::~CSmSessionAssuranceCache()-[0x7FF6F1830AF0] - C:\Program Files\CA\siteminder\bin\smpolicysrv.exe
CSmPolicyExtensionCache::~CSmPolicyExtensionCache()-[0x7FF6F186E700] - C:\Program Files\CA\siteminder\bin\smpolicysrv.exe
CServer::ProcessRequest()-[0x7FF9D996FE60] - C:\Program Files\CA\siteminder\bin\SMUTILITIES.dll
ThreadPool::Run()-[0x7FF9D995B4E0] - C:\Program Files\CA\siteminder\bin\SMUTILITIES.dll
ThreadPool::Run()-[0x7FF9D995B4E0] - C:\Program Files\CA\siteminder\bin\SMUTILITIES.dll
ThreadPoolBase::ThreadProc()-[0x7FF9D99AD5A0] - C:\Program Files\CA\siteminder\bin\SMUTILITIES.dll
beginthreadex()-[0x7FF9D9144E78] - C:\Windows\SYSTEM32\MSVCR120.dll
endthreadex()-[0x7FF9D9144F94] - C:\Windows\SYSTEM32\MSVCR120.dll
BaseThreadInitThunk()-[0x7FF9E11B15C0] - C:\Windows\system32\KERNEL32.DLL
RtlUserThreadStart()-[0x7FF9E15043B4] - C:\Windows\SYSTEM32\ntdll.dll
did anyone face this issue before? is this a 12.6 issue?
BTW: It does not matter where I locate the krb5.ini file, it crashes everytime.
Regards,
Oren