Novell Access Manager 3.1 Linux Access Gateway
With Access Manager SP4 (188.8.131.52), this basic auth header would get forwarded by the LAG to the back end Portal server. After applying Access Manager SP4IR2 (184.108.40.206), Single sign on to the Sharepoint Portal serverwould no longer be possible - users would always get prompted to enter their credentials in the basic auth popup screen, even though the credentials were correct.
With Access Manager SP4 IR2, the Authorization header sent by browser is being overwritten by the Authorization header, that the LAG is injecting based on the configured Identity Injection policy. To avoid this overwrite, and return to the functionality of the previous build, create the /var/novell/.overwrite_AuthHeader_With_IIData on the LAG server.
If the Auth header is maintained from the browser to the Portal, and the log level is set to INFO (or 7 in /etc/laglogs.conf), we would see
the following log entry in /var/log/ics_dyn.log :
"Authorization header is sent by Browser. Overwriting it."