Environment
Novell Access Manager 3.1 Linux Novell Identity Server
Novell Access Manager 3.1 Windows Novell Identity Server
Novell Access Manager 3.1 Support Pack 3 applied
Novell Access Manager 3.1 Windows Novell Identity Server
Novell Access Manager 3.1 Support Pack 3 applied
Situation
Access Manager setup and working fine - all users can access Linux Access Gateway (LAG) protected resources after authenticating to the Identity (IDP) server.
After the Administrator made some changes to the Identity server default contract, all users access protected resources with the ANY contract assigned would not get the login page displayed and therefor could not successfully access these Web resources. By changing the contract assigned to the protected resource from ANY to one of the specific contracts eg. 'Secure Name/Password - Form', users would again be able to authenticate correctly.
The logs from the Identity server would indicate that the contract being executed did not complete correctly, but did not give any details regarding possible errors.
After the Administrator made some changes to the Identity server default contract, all users access protected resources with the ANY contract assigned would not get the login page displayed and therefor could not successfully access these Web resources. By changing the contract assigned to the protected resource from ANY to one of the specific contracts eg. 'Secure Name/Password - Form', users would again be able to authenticate correctly.
The logs from the Identity server would indicate that the contract being executed did not complete correctly, but did not give any details regarding possible errors.
Resolution
Make sure that the "show card" option is not disabled on the default contract. The current logic fails to execute the default contract if the "show card" option is disabled.