Cannot inject Proxy Session Cookie into the Cookie header of an Identity Injection Policy

  • 7009875
  • 09-Dec-2011
  • 26-Apr-2012


Novell Access Manager 3.1 Administration Console server running on Windows or Linux platforms
Novell Access Manager 3.1 Support Pack 4 applied


Linux Access Gateway setup to protect a User Application server. Following the documentation, the Administrator tried to setup an Identity Injection policy that injects the users Proxy session cookie to the back end UserApp server. Going into the newly created Identity Injection policy and selecting the option to 'Inject into cookie header', the option to select the 'Proxy Session Cookie' from the drop down menu did not exist.


This bug will be fixed in the upcoming Access Manager 3.2 product. To workaround the issue, one can simply enable a custom extension in the Policy configuration and add dummy information in there. To do this:

1. go to the Policies tab in iManager and select Extensions
2. Upload any JAR file that you have on your system - you can even download a JAR file from the Admin Console host (/opt/novell/nids/lib/webapp/WEB-INF/lib/) to the workstation and upload that
3. Create a new policy extension by clicking new and populating all the fields with dummy information with the exception of the filename (where you select the JAR file you just uploaded)
4. Save out the changes

When done, the option to select the Proxy Session Cookie will appear