Novell Home

My Favorites

Close

Please to see your favorites.

NetIQ Access Manager FormFill policy loop after migrating from NAM 3.1 to 3.2

This document (7011816) is provided subject to the disclaimer at the end of this document.

Environment

NetIQ Access Manager 3.2
NetIQ Access Manager 3.2 SP1
NetIQ Access Manager 3.2 SP1IR1a

Situation

  • NetIQ Access Manager has been migrated from 3.1.4 to 3.2.1.
  • After migrating several existing FormFill policies will generate a browser POST loop.
  • All FormFill policies were working without any problems with the NAM 3.1.4 Linux Access Gateway (LAG)

Resolution

  • This issue has been reported to engineering

  • As a workaround you have to analyze the login page and the landing page (after a successful login) for differences which can bee addressed with either the "Page Matching Criteria" or the "CGI Matching Criteria"

Cause

The landing page after a successful login process at the web application server includes as well a HTML form which matches the Form name attribute on the login page. The landing page does not include ANY of the defined input fields. With the NAM 3.1.4 Linux Access Gateway the post condition will be "HTML form name, id, number + one matching input field". This logic is broken with NAM 3.2, 3.2 SP1, 3.2.1 SP1 IR1a.

Additional Information

Troubleshooting:

  1. Install a browser header tool like the "Live HTTP Headers" plugin for Firefox or the "ieHTTPHeaders" plugin for IE.

  2. Get a copy of the login page and the landing page after a successful login

  3. Use the NAGGlobalOptions DebugFormFill=on advanced option and review the "/var/log/novell-apache2/error_log" for FormFill debug messages on matching the page

  4. Run a header trace running a driect login to the web application server (without having NAM in place) and run anther login which leads into the loop.t

  5. Review the headers trace and the FormFill debug output generated on the access Gateway

Disclaimer

This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:7011816
  • Creation Date:22-FEB-13
  • Modified Date:22-FEB-13
    • NetIQAccess Manager (NAM)

Did this document solve your problem? Provide Feedback