000039275 - Integration issues with SiteMinder and RSA Archer due to misconfigured SiteMinder settings

Document created by RSA Customer Support Employee on Sep 16, 2020
Version 1Show Document
  • View in full screen mode

Article Content

Article Number000039275
Applies ToRSA Product Set: RSA Archer
RSA Version/Condition: All
 
IssueWhen integrating Archer with SiteMinder SSO or URL monitoring, a number of navigation, display, and service issues may occur. For example:
  • Images do not show up in Archer notifications.
  • Data Feeds will not connect, and display a "Service Connection Failure".
  • Unexpected errors on Silverlight pages.
  • Inability to filter on columns.
  • Integration issues with Tableau or Power BI.
  • Errors in SiteMinder Information/Authentication logs:
    • URL Contains BadCssChars
    • URL contains invalid characters. Exiting with HTTP 500 server error '00-0002'

 
CauseThere are a number of settings to verify within the SiteMinder agent configuration file to achieve seamless navigation and expected behavior with RSA Archer.
 
ResolutionThe following is a list of the documented bad characters that might need to be excluded for RSA Archer, but do vary by Archer version. Please work with your internal SiteMinder teams to identify the specific bad characters for your version and then exclude them.
 

BadCssChars = <,>,;,',%22,(,),%00,%04,%08,%0A,%1B,%28,%29,%3c,%3e,%27,%3b,%7b,%7d,%5b,%5d 
BadUrlChars = \,//,./,/.,/*,*.,~,%,%00-%1f,%7f-%ff,%,%25,%0a,%0d,/%09/,%09  
BadQueryChars = /%09/,/%09,%28,%29,%3c,%3e,%22,%27,%3b,%7b,%7d,%5b,%5d,%00    
BadFormChars = <,>,%22,&,},{,(,)


In addition to the above settings, ensure SiteMinder is excluding the following Archer IIS applications and folders:
  • /api 
  • /company_files
  • /connectors (For using Tableau or Power BI)
  • /contentapi
  • /mobileapi
  • /platformapi
  • /ws 

Attachments

    Outcomes