Access Gateway formfill failure writing credentials to secret store

  • 3671901
  • 21-May-2007
  • 26-Apr-2012

Environment


Novell Access Management 3 Linux Access Gateway
Novell Access Management 3 Linux Novell Identity Server
Access Manager 3 Support Pack 1 beta 1 applied

Situation

Linux Access Gateway configured to front end a Web based application. The Web based application had a login form and a corresponding formfill policy was created and aplied to the protected resource (url defined was /sso/auth/*) associated with the application. The form had an action tag that submitted the form credentials to another URL on that Web server (/sso/jsp/process.jsp).

The formfill policy was configured to save the inputed user credentials to the local secret store.

When the user authenticated to Access Manager and then tried to access the application login page, all would appear fine. As soon as the user entered the credentials into the application login page, the authentication was successful but the credentials were never saved to the local secret store. Closing the browser and reaccessing the application would never automatically fill the users credentials into the application login page.

Resolution

Changed the protected resource to be /sso/*.

The application login page and the URL referenced by the action tag MUST be referenced by a protected resource. If this is not the case, the users credentials will never be saved in the local secret store.

Note that if the formfill policy had been configured to populate the login page fields with ldap attributes, all would have worked fine.