000033122 - Unable to save session state error in RSA Archer 6.x

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 22, 2017
Version 5Show Document
  • View in full screen mode

Article Content

Article Number000033122
Applies ToRSA Product Set: Archer
RSA Product/Service Type: Archer UI
RSA Version/Condition: 6.x
IssueWhen logging into Archer 6.x Platform, you receive this error.
"Unable to save session state"

User-added image
CauseSSL and/or web.config file configuration issue.
The Web Server does not have HTTP Activation enabled.
The session has timed out and you are trying to return to your home/landing screen - See workaround.
ResolutionC(root may vary):\inetpub\wwwroot\RSAarcher\web.config file
1. Search for httpGetEnabled attribute and change from <serviceMetadata httpGetEnabled="false" /> to <serviceMetadata httpsGetEnabled="true" />
2. Search for <security mode="Transport" /> and uncomment it
3. Search for <httpTransport maxReceivedMessageSize and change from <httpTransport maxReceivedMessageSize to <httpsTransport maxReceivedMessageSize
4. Search for <httpTransport transferMode="StreamedRequest" and change from <httpTransport transferMode="StreamedRequest" to <httpsTransport transferMode="StreamedRequest"
Also, verify that the Web Server has HTTP Activation enabled
1.  Open up Server Manager
2.  Select Manage then Add Roles and Features
3.  Click next at the before you begin page if its displayed
4.  Click next for Role-based or feature-based installation
5.  Select the Web Server and click next
6.  Expand Application Server and select Web Server (IIS) Support then hit next
7.  Expand .NET Framework 4.5 Features
8.  If WCF Services is not installed, select it and hit next.  Install the feature making sure you select HTTP Activation
9.  If WCF Server is installed but HTTP Activation is not, check the HTTP Activation box and select Next then install
Also Verify that there isn't any discrepancy of your web.config file versus the configuration of your web server in regards to SSO/SSL
1. The web.config file may be configured for non-SSO/SSL but you have SSO or SSL enabled.
2. Test this by disabling SSO in Archer Control Panel and ensure that Default Site in IIS is set to anonymous and not Windows Authentication.
   --Make sure to revert your web.config file to an "Out of the box state" since the web.config file "out of box" is configured in a way that          SSO/SSL is indeed disabled.

Also Verify that if Windows Authentication is set to "Enabled", that "Extended Protection" is "Off" on the Windows Authentication.
1. Open IIS Manager
2. Expand the Server on the Left
3. Expand Sites on the left
4. Expand Default Web Site
5. Expand the Archer site (if Applicable)
6. Double-click on "Authentication"
7. Click on "Windows Authentication"
8. Click "Advanced Settings" on the right
9. Set"Extended Protection" to "Off"
10. Perform an iisreset in an Administrator command prompt.
User-added image
WorkaroundIn the case where the session has expired, log off and back in again.  If the problem is still there look at the other causes in this article.