Symantec Access Management

 View Only
  • 1.  SMSESSION in log files

    Broadcom Employee
    Posted Feb 26, 2018 12:31 PM

    Ref:  Explicit login 

    I've got a scenario in which a web agent seems to be adding double quotes (") around the value of SMSESSION.  This environment has a cookie provider.  The web agents that are adding the double quotes are in a cloud environment. All of the cloud agents don't seem to be bothered by the double quotes, but the agents which are NOT in the cloud consider the cookies with double quotes invalid and you get redirected for credentials (i.e., SSO is broken across cookie domains).  Cookies that are created by non-cloud web agents are accepted by the cloud web agents, but we can't go the other direction.


    I'd like to verify exactly which agent is introducing the double quote characters.  WebAgentTrace.conf indicates I can capture the SESSIONSPEC and SESSIONID, but SMSESSION is not mentioned.  I also tried the profiler, enabling AgentFunc > (GetSessionVariables, SetSessionVariables), but I don't see SMSESSION itself in smtracedefault.log.  Is there a way for me to log SMSESSION anywhere in the CA SSO logs vs. capturing it in the browser's cookie?

  • 2.  Re: SMSESSION in log files
    Best Answer

    Posted Feb 26, 2018 06:51 PM

    No, there isn't a way to log SMSESSION anywhere in SSO logs. 

    This used to be available earlier but removed due to security concerns.


    It's probably tomcat which is adding double quotes for SMSESSION cookie value.

    Please refer : Double-quoted SMSESSION value