Release Notes › Federation Release Notes › Federation Defects Fixed in 12.52

Federation Defects Fixed in 12.52

Asserting Party Not Accepting ACS URL in an Authentication Request (170971)

Symptom:

CA SiteMinder® Federation was not accepting and processing the Assertion Consumer Service URL in the incoming authentication request. The system did not verify whether the authentication request had an Assertion Consumer Service URL defined.

Solution:

For an IdP-to-SP partnership, the Administrative UI has a new check box labeled Accept ACS URL in the Authnrequest. This check box is in the SSO section of the SSO and SLO step of the partnership configuration. To confirm that the URL is present and valid in the authentication request, and it is in the metadata, select this option.

STAR issue: 21361990

decryptionkeyalias Option Missing for the smfedexport Tool (178702)

Symptom:

The -decryptionkeyalias command option was missing from the list of smfedexport command options.

Solution:

The -decryptionkeyalias command option is now in the table of command options.

STAR issue: 21594883-01

PS Exception When Retrieving Password (175936)

Symptom:

Policy server (FIPS only) threw the following exception while searching for IDP information for an SP-initiated request:

Exception while attempting to retrieve passwords:

java.lang.SecurityException: class "com.netegrity.util.ct"'s signer information does not match signer information of other classes in the same package.

Solution:

This issue has been corrected.

Star issue 21530627-01.

GetUserProp() Function Created a Policy Server Failure (174951)

Symptom:

WS-FED Assertion Generation GetUserProp() function was causing a Policy Server failure.

Solution:

This issue is no longer a problem..

Star issue 21505894.

SAML Response Error (172963)

Symptom:

The user encountered the error "ACS_BAD_SAMLRESPONSE_XML" while running federation partnership in Siteminder FSS 12.51.

Solution:

CA SiteMinder® Federation is no longer shipping dom.jar and sax.jar file, which were causing the problem.

Star issue 21478695-1

Updates to the Web Agent Option Pack Guide (171546)

The following updates were made to the Web Agent Option Pack Guide:

• Create a WebAgent.conf File—Removed the note, which stated that the agent configuration object referenced in the WebAgent.conf file must be a new object.
• Properties File for Federation Web Services—Revised the description of the AgentConfigLocation setting. This topic applies to the WebLogic, WebSphere, JBOSS, and Tomcat servers.
• Agent Configuration Object Settings Used by FWS—Added this section to describe agent settings that the Federation Web Services application uses.

STAR issue: 21429459

Wrong Recipient Selected for an Assertion (171113)

Symptom:

In an indexed list of Assertion Consumer Service URLs, CA SiteMinder® Federation generated the assertion with the first entry in the list as the Recipient. The Recipient is required to match the index number.

Solution:

This issue is no longer a problem.

Star issues 21423322;1+21287493;1

SAML SSO Failure (169294)

Symptom:

SAML SSO was failing with "Could not parse SAML
response. Error message: null" as well as "ACS_BAD_SAMLRESPONSE_XML".

Solution:

This issue is no longer a problem.

Star issue 21313265;1.