Single sign-on with RSA SecurID Access is failing intermittently
Originally Published: 2017-06-01
Article Number
Applies To
RSA Product/Service Type: Identity Router
Issue
The error following error is displayed when this occurs:
Application appears to be improperly configured. Contact your Administrator for assistance.
Retrying the login attempt eventually works.Cause
Intermittent SSO failures are typically caused when session persistence is not being done by the load balancer. This could be due to a load balancer configuration problem or some other reason.
Resolution
- Check your load balancer configuration to ensure it is set for session persistence, as described in Load Balancer Requirements. If you have a NetScaler load balancer, see Netscaler Load Balancing Configuration for RSA Via Access IDR Cluster.
- Check that your IDRs and the load balancer as well, all have their time synchronized to an NTP server. Depending on the method used by your load balancer for session persistence, a time of day discrepancy between it and the IDRs could hinder it from recognizing existing sessions. See How to check if NTP is working on your RSA SecurID Access Identity Router.
- If session duration is too short, it can also force users to re-authenticate frequently. Check how to Configure Session and Authentication Method Settings to set Session Duration for User Sessions.
Related Articles
Test Authentication with RSA MFA Agent for macOS (Portuguese) Number of Views 'System SSL: SHA-512 crypto assist is not available' is displayed on mainframe Number of Views error: 'ORA-12560: TNS:protocol adapter error' when Attempting to Install Oracle. Number of Views How to SecurID-protect OWA using single sign-on (SSO) when OWA is in a cluster Number of Views Service is unavailable in replica when opening replica RSA Authentication Manager Self-Service Console Number of Views
Don't see what you're looking for?
