Troubleshooting SiteMinder Single Sign-On

You may encounter errors while working with SiteMinder Single Sign-On login module. The following table provides the solution for the errors:

Troubleshooting for SiteMinder Single Sign-On
Issue Description Solution
Authentication failure You get an authentication failure for valid users. Check MQ_LOG/error.log to see the authentication failure details. A typical authentication failure is reflected as:
Authentication Failed. User: user1, Enterprise: Enterprisingly, Role: Manager

If the any of the values are blank, then:

  • The SiteMinder Header may not be correctly configured using the Configurator
  • The SiteMinder Header may not be configured in the SiteMinder Policy.
  • Enable the SiteMinder Web Agent Log, and verify the headers received from SiteMinder.

    Check rolemap.prop at $MQ_COMMON_DIR/enterpriseInternalName.

Value based security solutions You face problems with value based Security using Session Variables.
  • Verify the RuleBase used for Value Based Security.
  • Verify Session Variables values logged in MQ_LOG/elink.log.

If the header is not present, then:

  • SiteMinder Header may not be correctly configured using the Configurator:

    authentication.sm.sessionVariables=VendorID

  • SiteMinder Header may not be configured in the SiteMinder Policy.