Users loop between NIDP and LAG while trying to authentiicate

  • Document ID:7005295
  • Creation Date:04-Feb-2010
  • Modified Date:26-Apr-2012
    • Micro Focus Products:
      Access Manager (NAM)

Environment

Novell Access Manager 3.1.1 IR2
Novell Access Manager 3.1 Access Administration

Situation

  • Users using Microsoft Internet Explorer (version 6/7/8) loop between the Linux Access Gateway Embedded Service Provider (ESP) and the trusted NIDP server during the authentication process.
  • Users using Firefox can login without facing any problems

Resolution

  • The ESP has been assigned to an accelerator / protected resource using a 2+2 letter cookie domain like "co.uk".
  • The Microsoft Internet Explorer discards these kind of cookies. With Novell Access manager 3.0 the administration console (iManager) would allow to set the cookie domain down to the host component like "www.co.uk". Since Novell Access manager 3.1 this setting is not longer allowed.
  • Systems which have been upgraded from Novell Access Manager 3.0 to 3.1 will keep the configured cookie domain even if it had been set down to the host component but can not longer be configured.
  • This issue has been addressed to engineering and will be addressed with Novell Access manager 3.1 Service Pack 2.