| CA |
3.0 System Requirements
3.1 Minimum JDK/JRE Version for SiteMinder 6.0 SP 5/6.x QMR 5
4.0 Defects Fixed for SAML Affiliate Agent 6.x QMR 1
5.0 Defects Fixed for SAML Affiliate Agent 6.x QMR 2
5.1 Missing Windows Files Causes Agent Installation to Fail (39061)
5.2 SAML Affiliate Agent Requres AssertionIssuerID to be a URI (36164)
6.0 Defects Fixed for SAML Affiliate Agent 6.x QMR 3
6.1 SAML Affiliate Agent Redirects to Target URLs to Another Domain (40236)
6.2 ThreadPool Setting Ignored (40681)
6.3 Cannot Process Requests for Unprotected Resources without a Fully Qualified Domain Name (41647)
7.0 Defects Fixed for SAML Affiliate Agent 6.x QMR 4
7.1 SAML Affiliate Agent Cannot Consume SAML Assertion from Earlier SiteMinder Version (46388)
7.2 Protected Page Content in Redirect to Credential Collector (46794)
7.3 HTTP 404 Error Using Mozilla Browser with SAML Affiliate Agent (46856)
7.4 Back Channel Socket Left Open if Response Not Received (47003)
7.5 URIs Containing a Colon Fail (47575)
8.0 Defects Fixed for SAML Affiliate Agent 6.x QMR 5
8.1 Client Requests Ability to Set Secure Cookies in SAML Affiliate Agent (48404)
8.2 SAML Affiliate Agent Fails to Construct Proper TARGET Using HttpsPorts When Behind an SSL Accelerator (54563)
8.3 SAML Affiliate Agent on Apache 2.0 on Linux Fails to Load During Web Server Startup (54795)
8.4 Agent Fails to Increase Thread Pool When flexiblethreadpool=YES (48963)
8.5 Agent Creates New affiliate.log file When Append=YES Rather Than Appending Content to Existing File (51563)
8.6 Log Messages Contain %s Instead of Actual Value (47957)
9.0 Known Issues for SAML Affiliate Agent 6.x QMR 5
Welcome to CA eTrust SiteMinder SAML Affiliate Agent. This file contains product installation considerations, operating system support, known issues, and information about contacting CA Technical Support.
For a list of supported platforms:
Note: Some platforms supported in previous releases may no longer be supported.
For a list of system requirements, see the CA eTrust SiteMinder SAML Affiliate Agent Guide.
SiteMinder requires the use of JDK/JRE 1.5.0_01 or later, but note the following caveats:
This issue is a result of a Sun Microsystems bug. Refer to Sun bug number 6399321.
JDK 1.5.0_05 causes ServletExec to crash on dual processor machines.
None known.
Problem: If you are installing a SAML Affiliate Agent on an IIS 5.0 Web Server, the SAML Affiliate Agent filter will not load properly if certain files are missing from the Windows system.
Resolution: If your Windows system does not have the following files already installed:
the SAML Affiliate Agent installation will install these files under the System32 directory. If these files already exist, the installation will not overwrite them.
Problem: The SAML Affiliate Agent requires that the AssertionIssuerID parameter be set to a URI, while the SAML 1.1 specification allows the value to be a string.
Resolution: The SAML Affiliate Agent now allows the AssertionIssuerID setting to be a URI or a string.
Problem: The SAML Affiliate Agent allows a redirect to a target URL that has a different domain.
Resolution: An error message is now logged if the Agent redirects to the wrong cookie domain and access to the resource is refused.
Problem: The Affiliate Server ignores the flexiblethreadpool setting from the affiliateserverconf.properties file.
Resolution: This is no longer an issue.
Problem: The Affiliate Agent cannot process requests for unprotected resources without a fully qualified domain name in the host header. This requirement restricts a Web Agent form operating behind a load balancer in some configurations.
Resolution: The SAML Affiliate Agent now processes requests for unprotected resources without a fully qualified domain name in the host header in the following situations:
Problem: The SAML Affiliate Agent v6x QMR 4 is not able to consume SAML 1.x assertions generated by earlier versions of SiteMinder as a SAML producer.
Resolution: This is no longer an issue.
Problem: SAML Affiliate Agent includes content of protected page in redirect to portal credential collector.
Resolution: This is no longer an issue.
Problem: SunONE 6.1 Web Server returns an HTTP 404 "File not found" error to a Mozilla Web browser when the SAML Affiliate Agent is installed on the same Web Server.
Resolution: An error is no longer returned.
Problem: Agent leaves back channel communication socket open if agent fails to receive response to assertion request.
Resolution: A new configuration parameter, sockettimeout, has been added to the Affiliate Server properties file, affiliateserverconf.properties. The default value for the parameter is 300,000 milliseconds (5 min). The maximum value allowed is 2,147,483,647 milliseconds (597 hours).
Problem: The SAML Affiliate Agent will fail when the user requests any resource with a colon (:) in the URI. It does not matter whether the colon is in the query string or as part of the URI path or resource.
Resolution: This is no longer an issue.
Problem: A client is requesting the ability to set secure cookies in the 6.0 SAML Affiliate Agent. They consider the inability to set a secure cookie a security risk.
Resolution: This change has been made.
Problem: The SiteMinder 6.x QMR 4 SAML Affiliate Agent on IIS 6.0 results in an unknown attribute error for HttpsPorts. The SAML Affiliate Agent is behind a Load Balancer and is not constructing the appropriate TARGET URL.
Resolution: This is no longer an issue.
Problem: The SiteMinder 6.x QMR 4 SAML Affiliate Agent on Apache 2.0 fails to load on during Web Server startup.
Resolution: This is no longer an issue.
Problem: The Web Agent is failing to increase the thread pool when the flexiblethreadpool parameter is set to YES.
Resolution: This is no longer an issue.
Problem: Log Append is not working for SiteMinder 6.x QMR 4 SAML Affiliate Agent.
Resolution: This is no longer an issue.
Problem: The logging formatting string: %s was found in the SAML Affiliate Agent log.
Resolution: This is no longer an issue.
None are known at this time.
An internationalized product is an English product that runs correctly on local language versions of the required operating system and required third-party products, and supports local language data for input and output. Internationalized products also support the ability to specify local language conventions for date, time, currency and number formats.
A translated product (sometimes referred to as a localized product) is an internationalized product that includes local language support for the product's user interface, online help and other documentation, as well as local language default settings for date, time, currency, and number formats.
In addition to the English release of this product, CA eTrust SiteMinder supports only those languages listed in the following table.
| Language | Internationalized | Translated |
|---|---|---|
| Brazilian-Portuguese | No | No |
| Chinese (Simplified) | Yes | Yes |
| Chinese (Traditional) | No | No |
| Czech | Yes | Yes |
| Danish | Yes | Yes |
| Dutch | Yes | Yes |
| Finnish | Yes | Yes |
| French | Yes | Yes |
| German | Yes | Yes |
| Greek | Yes | Yes |
| Hungarian | Yes | Yes |
| Italian | Yes | Yes |
| Japanese | Yes | Yes |
| Korean | Yes | Yes |
| Norwegian | Yes | Yes |
| Polish | Yes | Yes |
| Russian | Yes | Yes |
| Spanish | Yes | Yes |
| Swedish | Yes | Yes |
| Turkish | Yes | Yes |
Note: If you run the product in a language environment not listed in the table, you may experience problems.
The file names for the SiteMinder 6.0 SP 5/6.x QMR 5 guides are as follows:
| Guide Name | File Name |
|---|---|
| SiteMinder Release Summary | siteminder_release_enu.pdf |
| Developer's Reference for Java | siteminder_java_dev_enu.zip |
| Developer's Guide for Java | siteminder_java_dev_enu.pdf |
| Developer's Guide for C | siteminder_c_dev_enu.pdf |
| Federation Security Services Guide | siteminder_fs_config_enu.pdf |
| Policy Server Installation Guide | siteminder_ps_install_enu.pdf |
| Policy Design Guide | siteminder_ps_config_enu.pdf |
| Policy Server Management | siteminder_ps_sysmgmt_enu.pdf |
| Policy Server Readme | readme-policy-server.html |
| Policy Server, Web Agent Option Pack Readme | readme-option-packs.html |
| Scripting Guide for Perl | siteminder_perl_scripting_enu.pdf |
| SDK Overview | siteminder_sdk_overview_enu.pdf |
| SDK Readme | readme-sdk.html |
| SAML Affiliate Agent Guide | siteminder_saa_config_enu.pdf |
| SAML Affiliate Agent Readme | readme-saml-affiliate-agent.html |
| SiteMinder Upgrade Guide | siteminder_upgrade_enu.pdf |
| SiteMinder Integrated Documents | siteminder_integdocs_ref.enu.zip |
| Tier II Directory Configuration Guide | siteminder_dir_config_enu.pdf |
| Web Agent Guide | siteminder_wa_config_enu.pdf |
| Web Agent Installation Guide | siteminder_wa_install_enu.pdf |
| Web Agent Readme | readme-web-agent.html |
To view PDF files, you must download and install the Adobe Reader from the Adobe website if it is not already installed on your computer.
Updated guides will be available at the CA Technical Support site.
For online technical assistance and a complete list of locations, primary service hours, and telephone numbers, contact Technical Support at http://ca.com/support.