Tuesday, February 12, 2013

SiteMinder R12 CR11 Release with IIS7.0 Errors!!!

Quick note to all the people out there who might run into this issue.

I had developed a web application for a group in our company around 2 years back, it runs on the 3.5 ASP.Net framework and is hosted on a Windows 2008 R2 server IIS 7.0 and the application is protected with SiteMinder. Application used the DEVEXPRESS third party tool within. Last Monday I got a call from the team that the application is down and I need to look at it as the support team was not able to figure out anything.

The only change that had happened to that server was a SiteMinder upgrade from R12 CR07 to R12 CR11.

The first issue I found on the server was that the access rights for the "Network Service" user was all messed up. It didn't have access to the ASP.NET temp folders which caused the application to error out. Gave access to that particular temp folder and the application started coming up.

Now to the interesting part, since the application was protected using SiteMinder we authorize users by looking at the HTTP server variables passed on by SiteMinder. We provide the functionality based on the AD group membership. Everything was fine when the user logged into the first page, when they navigate to a page within the website, all the authorization goes off and the application considers the users as if they have only view rights. Basically the HTTP server variables did not persist across the pages.

Once the SiteMinder R12 CR07 version was installed back, everything started working as expected. We have raised a query with the MS guys about this, will let you know what happens.

It took as for a while to figure this out especially with an application which doesnt log or do error handling :) Dont blame me, they had only one month to get that application out and I had lot of other things to worry about then than logging!