Layer 7 Access Management

Latest Knowledge Base Articles for CA Single Sign-On :: 2018 - 07 - 31

  • 1.  Latest Knowledge Base Articles for CA Single Sign-On :: 2018 - 07 - 31

    Posted 08-06-2018 10:31 AM

    Hi folks !

     

    Find below the list of the latest Knowledge Base Articles for Single
    Sign-On (Formerly CA SiteMinder) published or updated since July 1
    2018:

     

    Latest 20 published Knowledge Documents :

     

     

     

    WHAT IS THE RECOMMENDED APPROACH TO RENEW A FEDERATION SIGNING CERTIFICATE THAT IS ABOUT TO EXPIRE?
    kb000108733

     

    This document provides information on how to renew signing certificate

     

    CA ACCESS GATEWAY(SECURE PROXY SERVER) ACTING AS IDP IS USING THE ASSERTIONCONSUMERSERVICEURL IN AN AUTHENTICATION REQUEST EVEN THOUGH THE ACCEPT ACS URL IN THE AUTHNREQUEST OPTION IS NOT SELECTED
    kb000108654

     

    This document describes a known issue where CA Access Gateway(Secure Proxy Server) acting as IDP is using the AssertionConsumerServiceURL in an authentication request even though the Accept ACS URL in the Authnrequest option is not selected

     

    HOW DO I PREVENT A COOKIE REPLAY ATTACK IN SITEMINDER?
    kb000108733

     

    This document provides information on how to prevent cookie replay attacks in Siteminder

     

    AUTHENTICATION CHAIN WITH IWA AUTHENTICATION SCHEME FALLBACK TO FORM NOT HAPPENING PCS OUTSIDE COMPANY DOMAIN
    kb000108650

     

    This document describes use case on how to configure authentication chain IWA fallback to form

     

    THE POLICY STORE COULD NOT BE INITIALIZED WHILE CONFIGURING THE POLICY STORE
    kb000108648

     

    This document describes a use case where the policy server reports The policy store could not be initialized error while configuring the policy store

     

    WHEN TRYING TO AUTHENTICATE THROUGH SSO AUTHAZWS FROM CA API GATEWAY THE ACCESS GATEWAY DOES NOT RESPOND
    kb000108638

     

    When trying to authenticate through AuthAzWS from CA API gateway the access gateway does not respond . u000au000aWhen is done through a web browser, or via SOAPUI, directly to the backend then the request works

     

    HOW TO ENABLE ADMINUI RESTAPI TRACES?
    kb000103255

     

    This document shows the steps needed to enable tracing for the RestAPI

     

    WHEN WILL CA ACCESS GATEWAY EMBEDDED TOMCAT BE UPGRADED FROM 7.0.82
    kb000108559

     

    When will Tomcat in Access Gateway be upgraded to 7.0.82 or newer.

     

    ADMINUI FROZEN AND HANDSHAKE ERRORS DUE TO SOCKET ERROR 0
    kb000107619

     

    This document explains how you can solve this situation when the errors mentioned appear

     

    HOW CAN I START WEB AGENT USING SYSTEMCTL INSTEAD APACHECTL?
    kb000107936

     

    This document shows what steps need to be done to start your Web Agent running on Apache web server in RHEL7 using systemctl

     

    IS THERE A LIST OF PUBLIC DOMAINS THAT ARE ALLOWED FOR THE REDIRECT URI'S?
    kb000101467

     

    We only allow public domains that are below in this document. You should not be able to put just any domain in. You could put an enhancement on the idea wall on ca communities to put a check box not to validate that url against a format. Remember - These public domains listed below in the document are the only domains that are validated because there is concern for security reasons that the redirect uri would redirect to an invalid domain/not validated domain without restricting domains.u000au000aYou can use a 3rd party Dns Lookup tool to check validated public domains.

     

    WHY AM I GETTING ERRORS ON AN XPS IMPORT ON THE POLICY SERVER ON DUPLICATE DATA,
    kb000102280

     

    This question can come up in the process of making an parallel upgrade with the policy store for any CA SSO

     

    REQUEST FORM SUBMISSION ERROR IN FEDERATED APPLICATION
    kb000108153

     

    When user/Vendor tried to enter the data in POL application request form page after a minute page is refreshing all the data is getting wiped off.

     

    XPSSWEEPER WSFEDSP OBJECT 'CANNOT BE SAVED' ERROR
    kb000108152

     

    12.7 SP2 XPSSweeper is finding SharePoint Agent related errors that were not found by 12.52 SP1 Sweeper.

     

    HOW TO DISABLE HTTP PORT FOR ADMIN UI
    kb000108151

     

    http port disable for security scan

     

    IN TOMCAT ENVIRONMENT, SMSESSION COOKIE IS NOT DECODE BY WEBAGENT.
    kb000046200

     

    In SSO environment launched Tomcat, WebAgent can't decode SMSESSION cookie, because SMSESSION cookie contains double quatation("").

     

    COMMUNICATION FAILURE BETWEEN SITEMINDER POLICY SERVER AND WEB AGENT
    kb000108132

     

    What does the message "Communication failure between SiteMinder policy server and web agent." mean?

     

    RUNNING SMTEST TOOL, WHERE DO I FIND THE .INI FILE ?
    kb000077678

     

    This technote (Knowledge Document) gives some details about the performance testing with the smtest tool.

     

    SPS HTTPD ACCESS LOGS ARE NOT ROTATING
    kb000095816

     

    we have been seeing an issue with httpd logs filling up our disks. the rotatelogs configuration is in place but they do not rotate the logs and the access log keeps filling up. Please advice. Version details are below:- Attached the httpd.conf file. u000au000aProduct Name=CA SiteMinder Secure Proxy Server u000a12.52 SP1 CR07

     

    CAPKI UNINSTALL TOOL DOES NOT WORK
    kb000016700

     

    This document explains why the installation does not seem to respond and which steps to follow know more about the issue, and eventually solve it

     

     

     

     

    Here are the Top 20 most consulted Knowledge Document last month :

     

    SMAUTHREASON reason code document (Legacy_Onyx KB Id: 176074)
    kb000054936

     

    Server Error 10-0004
    kb000039843

     

    SM web agent LLAWP failed to initialized with Apache 2.4 on startup due to Semaphore issue
    kb000005014

     

    Policy Server :: Disable Flag : SmAuthReason
    kb000049509

     

    Agent Api function failed when load balancer is introduced between agent and policy server
    kb000038141

     

    Steps to Re-register Admin UI
    kb000009742

     

    Error (in Event Viewer): Failed to initialize the message bus.
    kb000050994

     

    Unable to resolve fully qualified host name. Exiting with HTTP 500 server error '00-0016'
    kb000005450

     

    Resolving Problems installing the Java JCE Unlimited Strength Jurisdiction Policy Files package
    kb000005450

     

    CA Access Gateway (formerly Secure Proxy Server): Commonly Tuned Parameters
    kb000043275

     

    Web Agent IPC Error
    kb000050269

     

    What is the meaning of the WebAgent error message 20-0004?
    kb000053446

     

    Why WebServer user is required to have write permission on the "SmHost.conf" file?
    kb000050544

     

    systemctl and Web Agent startup settings for Red Hat Apache Web Server 2.4.x
    kb000004165

     

    Web agent unable to process SMSESSION
    kb000041040

     

    How to protect a Tomcat web application using Siteminder.
    kb000053831

     

    SiteMinder Error Codes
    kb000055096

     

    What are the possible handshake errors in policy server?
    kb000042071

     

    HTTP Status 400 - Bad Request with Error messasge BAD_SAML_REQUEST_ENCODING
    kb000007847

     

    How to Enable SPS logs
    kb000009687

     

    Best Regards,

    Patrick