Environment
Novell Identity Manager Identity
Manager 3.0
Novell Identity Manager Identity Manager 3.0.1
Novell Identity Manager Identity Manager 3.0.1
Situation
If a request to the IDMLogin portlet contains a populated http Authorization:
header,http://hostname:port/IDM/portal/protlet/IDMLoginPortlet, the
IDMLoginPortlet returns to the browser a Status Code 500, unhandled Java
exception in com.novell.afw.portal.exception.EboPortletActionException:
PortletContainerImpl: failed to run the portlet: 'IDMLoginPortlet'.
Products such as Novell Access Manager, Novell iChain or others typically
populate the Authorization: header for SSO purposes.
This exception does not occur when simply browsing to /ID
If a request is going to IDMLogin portlet directly, it will fail. Notice that if the request is to any other URL, then it works as single sign-on.
In our code, we redirect a request to login portlet automatically and put the original request's URL in a internal request chain (which holds a chain of requests that need to be done one by one). So that after login, we can redirect again to the original URL. This will make the login transparent to the user, as it looks like user goes directly to the original requested URL (and also logged in).
However, there is a special case: the original request *is* to login portlet, then we don't need to put original request URL in request chain, we put a "null" in request chain, which causes the problem later.
Resolution
The fix is to put nothing in the
chain in the special case.
Also, this issue has been fixed on Novell Identity Manager Identity Manager 3.5.0
Also, this issue has been fixed on Novell Identity Manager Identity Manager 3.5.0