Linux Access Gateway 500 Internal Server error "System is not up properly"

  • 3112605
  • 06-Jul-2007
  • 26-Apr-2012


Novell Access Management 3 Linux Access Gateway
Novell Access Management 3 Linux Novell Identity Server

Access Manager 3 Interim release 2 applied


Linux Access Gateway (LAG) setup with multiple path based multihomed reverse proxy services. There are a number of formfill and Identity injection policies that are enabled for the various protected resources. When a user tried to access a protected resource with no policies enabled, the browser would display the above error immediately after entering the users credentials at the Identity Server.

Health check showed that everything was green and healthy. We enabled the advanced IDP logging under the log TAB in order to get more details written to the catalina.out file for policies (we turned the Application component log to config level, and also enabled the trace log switch).

When the problem occured, the catalina.out file would error with the statement "the Policy ID is not set properly"


Apply the SP1 RC1 build (b2nam3sp1.tar.gz)

It turns out that, if a protected resource previously had a Formfill or Identity Injection policy enabled, but subsequently disabled it, or the policy no longer exists (such as when an IDP is re-installed and LAG is re-imported with "C"urrent configuration), the policies would remain 'linked' to the protected resource and the SOAP communication would try and evaluate them.

The fix will now "unlink" these removed non-existent policies.

Can also workaround the issue in existing builds by doing the following:

1. On the Protected Resources page, click the link of the protected resource which is enabled on the accelerator giving the error
2. Click the Identity Injection and/or FormFill tab, press OK on each
3. OK all the way back, press Update on AG panel