Symantec Access Management

  • Private Community
 View Only

  • 1.  Risk Engine Post Eval Denied transaction ErrorMessage

    Posted May 16, 2018 04:36 PM
      |   view attached

    Hello CA Communites,
    We are getting a Risk Engine Post Eval Denied Transaction Error message after the User is authenticated and getting a Status of authenticated (0).
    Happening in:
    THE CHROME - Sporadic

    OS: Windows 2012 R2
    AA: 8.1.3 and 9.0.1
    siteminder: 12.52. SP02 and 12.7.2
    arcot adapter:8.1.3

    Have you seen this before in any of your environments or at any client sites?

    Thank you,

    Sowmya



  • 2.  Re: Risk Engine Post Eval Denied transaction ErrorMessage

    Broadcom Employee
    Posted May 18, 2018 06:46 PM

    Please check $ARCOT_HOME/logs/adaptorshim.log file on the policy server. This log file might give you information about the issue.

    Most common scenario for this kind of error is when your $ARCOT_HOME/conf/adaptorshim.ini file has

    Configured AFM Landing URL and Auth Url in the token.

     

    ------------------  Reference entry in for this error in adaptorshim.log file -------------------

    Configured AFM Landing URL https://abc.com:443/arcotafm/master.jsp?profile=testprofile1 does not match auth url in token: https://xyz.com:443/arcotafm/master.jsp?profile=testprofile1

     

    Possible solution:

    check SM policy server is returning same name or ip for the Web server that is hosting  "arcotafm.war"  web application.

    also, check you haven't provided etc/host file for web server entry differently than expected.