The ? wildcard fails with protected resources defined on the Linux Access Gateway

  • 3217616
  • 04-Jul-2007
  • 26-Apr-2012


Novell Access Management 3 Linux Access Gateway
Novell Access Management 3 Access Administration
Novell Access Management 3 Linux Novell Identity Server


Access Manager environment setup with a reverse proxy service accelerating a sample web server where the administrator wants the initial page to be a public resource. A protected resource was setup accordingly, with the path as /? and no contract. The /? wildcard theoretically allows access to all in the root directory, but not in any subdirectories. Users were expected to be refused access to /test/ but this was not the case. Once the administrator set up public access to /? users had open access on anything, unless we explicitly defined a protected resource requiring an authentication contract for the path.

Administrator confirmed that iChain behaved the way it should and tests on the NetWare Access gateway showed it ebhaved correctly too - this issue is specific to the Linux Access Gateway.


A defect has been opened on this and should be addressed in SP1. The only available workaround for now is to create multiple protected resources for the web server's various directories; or deply the Netware Access Gateway instead of the Linux one.