After upgrading RSA Authentication Manager to one of the following versions, the Identity Router (IDR) begins to fail the Authentication Manager connection test and SecurID token authentications fail:
- 8.2 SP1 P4,
- 8.2 SP1 P5,
- 8.2 SP1 P6, or
- 8.3 with no patches
IDR agent logging (/var/log/symplified/rsa_api.log or /var/log/symplified/symplified.log) shows errors like:
[2019-05-01 23:29:25,715] ERROR Thread-931210 - Error in processing Authn request: MessageKey [
2019-05-01 23:29:25,715] ERROR Thread-931210 - Error in initial AuthnReq/Rsp for serverTime.Error in processing Authn request: MessageKey
The Authentication Manager imsTrace.log shows errors like:
-05-01 14:22:45,994, [[ACTIVE] ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'], (MessageKeyManager.java:9202019
trace.com.rsa.authmgr.internal.msgkey.am.MessageKeyManager, FATAL, nj-rsa-03.emwp.com,,,,remote lookup exception: com.rsa.authmgr.internal.adjudicator.AdjudicatorFailureException: Unable to find node GUID: b891a412590a5c0a6612f9858aa4d9bd
A software defect was found in RSA Authentication Manager 8.2 SP1 patch 4 which can cause Authentication Manager to be unable to identify the encryption key the IDR agent specifies when initiating communication with the Authentication Manager server.
Upgrade all Authentication Manager instances to either:
- RSA Authentication Manager 8.2 SP1 patch 7 or
- RSA Authentication Manager 8.3 Patch 1 or higher.
