Browser receives "404 Page Not Found" error when accessing a protected resource

  • 7002665
  • 17-Feb-2009
  • 26-Apr-2012

Environment

Novell Access Manager 3 Linux Access Gateway

Situation

A client makes a request for a public resource on the LAG and then from that public resource attempts to connect to a protected resource.


A 404 "Page Not Found" error is presented to the end user.



Resolution

Currently there are two solutions to the issue.

  • In the Administration Console disable 'persistant connections' between the browser and the LAG for the protected resource
                This option can be found under the 'TCP Listen Options' of the Reverse Proxy

  • A patch for this issue will be available soon.  Please call Novell Technical Support for a Field Test File to resolve the issue.

Additional Information

During the connection for the public resource a TCP connection is made. 


When the request for the protected resouce is issued the LAG would use the same TCP connection and send the request for the protected resource the the web server of the public resouce resulting in a '404 Page Note Found' error.


In the portion of the ics_dyn.log file a request for index5.jsp is made.  At the bottom of the example the request is sent to the origin web server:  192.168.21.115:80.  This web server is associated to the public resource and not the protected resource.

AMEVENTID#28523: Process request 1 'www.novell.com:/miti/index5.jsp?application=TFIS' [192.168.21.150:2041 -> 192.168.21.141:80]
AMEVENTID#28523: Replace '?' with '$' before searching
AMEVENTID#28523: Query for the resource '/MITI/INDEX5.JSP$APPLICATION=TFIS'
AMEVENTID#28523: stree returns -1 (service 9200d6e4 id 832)
AMEVENTID#28523: Search success for the resource = /miti/index5.jsp?application=TFIS, service:0x9200d6e4, pr:0x92055664 2.
AMEVENTID#28523: public-resource with cookie.
AMEVENTID#28523: CHECK_FOR_PUBLIC_RESOURCE_IAUSER
AMEVENTID#28523: User session found corresponding to the cookie
AMEVENTID#28523: AuthServerRequestDS - handleRequestAfterEventProcessing with request state = 2, action = 0
AMEVENTID#28523: reuse connection to webserver 192.168.21.115:80 8f37fdb9  noPersist . (policy:1:2)
AMEVENTID#28523: Sending request to origin server 192.168.21.115:80 (8f37fdb9.8f37fdb9)
AMEVENTID#28523: Received response from origin server, status = 404 (192.168.21.115:80)

In the working trace the request is sent to the origin web server associated to the protected resource:  172.18.100.31:7011

AMEVENTID#4065: Process request 1 'www.novell.com:/miti/index5.jsp?application=TFIS' [192.168.21.150:52421 -> 192.168.21.136:80]
AMEVENTID#4065: Replace '?' with '$' before searching
AMEVENTID#4065: Query for the resource '/MITI/INDEX5.JSP$APPLICATION=TFIS'
AMEVENTID#4065: stree returns -1 (service 83fde6e4 id 1024)
AMAUTHID#0: AMEVENTID#4065: Search success for the resource = /miti/index5.jsp?application=TFIS, service:0x83fde6e4, pr:0x834807a4 2.
AMAUTHID#0: AMEVENTID#4065: protected-resource
AMAUTHID#0: AMEVENTID#4065: Got   valid Cookie[2122740053 14942208 925677174 3956226896  192.168.21.150 0.228 CIP:192.168.21.150] COOKIE_VALIDATION
AMEVENTID#4065: COOKIE_VALIDATION - Success
AMEVENTID#4065: AuthServerRequestDS - handleRequestAfterEventProcessing with request state = 0, action = 0
AMEVENTID#4065: Scheduling Formfill, policies matched 1
AMEVENTID#4065: reuse connection to webserver 172.18.100.31:7011 b1ff97dc  noPersist . (policy:1:2)
AMEVENTID#4065: Sending request to origin server 172.18.100.31:7011 (b1ff97dc.b1ff97dc)
AMEVENTID#4065: Received response from origin server, status = 200 (172.18.100.31:7011)



Feedback service temporarily unavailable. For content questions or problems, please contact Support.