We have SiteMinder Federation working (using the Web Agent Option Pack 12.52 SP1). When attempting to access an application protected by the SiteMinder ASA Agent for WebSphere with the SMSESSION created by Federation, the SMSESSION cookie gets decoded. However, when the ASA Agent for WebSphere tries to validate the user, it fails with “auth reason: 2”. (See the log file excerpt that follows.) What does reason 2 indicate?
[28 Jun 2018 17:55:14,689] [WebContainer : 2] [INFO] High Level Agent received a valid SSO cookie.
[28 Jun 2018 17:55:14,689] [WebContainer : 2] [INFO] High Level Agent found appropriate SiteMinder credentials.
[28 Jun 2018 17:55:14,689] [WebContainer : 2] [INFO] High Level Agent processing authentication.
[28 Jun 2018 17:55:14,689] [WebContainer : 2] [DEBUG] SiteMinder HLA Auth Manager processLogin session cookie available = true, challenge cookie available = false, auth scheme id = 2
[28 Jun 2018 17:55:14,689] [WebContainer : 2] [DEBUG] SiteMinder HLA Auth Manager calling validate since no challenge cookie
[28 Jun 2018 17:55:14,689] [WebContainer : 2] [INFO] The Authentication Manager is validating user with DN CN=User_information_goes_here.
[28 Jun 2018 17:55:14,689] [WebContainer : 2] [DEBUG] Authentication cache is checking the policy server for authentication.
[28 Jun 2018 17:55:14,691] [WebContainer : 2] [DEBUG] Authentication did not succeed
[28 Jun 2018 17:55:14,691] [WebContainer : 2] [INFO] Authentication Manager validation failed for user with DN CN=User_information_goes_here.
[28 Jun 2018 17:55:14,692] [WebContainer : 2] [DEBUG] SiteMinder HLA Auth Manager failed authentication. Publishing auth reason: 2
Source: New feed
{pubDate}