Unable to decode SMSESSION cookie

Document ID : KB000117650
Last Modified Date : 16/10/2018
Show Technical Document Details
Issue:
We are seeing log messages in the web agent trace log file stating "Unable to decode SMSESSION cookie" and users are not able to navigate between 2 applications protected by Single Sign On without being prompted for authentication again.
Environment:
Single Sign On version: any
Cause:
In order for seamless navigation among protected resources, the agents protecting those resources must share the same agent keys, used to decrypt the SMSESSION cookie.Ā 
Resolution:
If you are seeing messages like "Unable to decode SMSESSION cookie" - the first things to check are if agent keys are in sync, and also if there might be multiple sets of keys in your SiteMinder key store.