Users accessing protected resources with ANY contract assigned cannot login at Identity Server

  • 7009776
  • 21-Nov-2011
  • 26-Apr-2012

Environment

Novell Access Manager 3.1 Linux Novell Identity Server
Novell Access Manager 3.1 Windows Novell Identity Server
Novell Access Manager 3.1 Support Pack 3 applied

Situation

Access Manager setup and working fine - all users can access Linux Access Gateway (LAG) protected resources after authenticating to the Identity (IDP) server.

After the Administrator made some changes to the Identity server default contract, all users access protected resources with the ANY contract assigned would not get the login page displayed and therefor could not successfully access these Web resources. By changing the contract assigned to the protected resource from ANY to one of the specific contracts eg. 'Secure Name/Password - Form', users would again be able to authenticate correctly.

The logs from the Identity server would indicate that the contract being executed did not complete correctly, but did not give any details regarding possible errors.

Resolution

Make sure that the "show card" option is not disabled on the default contract. The current logic fails to execute the default contract if the "show card" option is disabled.

Feedback service temporarily unavailable. For content questions or problems, please contact Support.