Users accessing User Application ChallengeResponse page via Linux Access Gateway not redirected to main page correctly

  • 7009876
  • 09-Dec-2011
  • 26-Apr-2012

Environment


Novell Access Manager 3.1 Linux Access Gateway
Novell Access Manager 3.1 Access Gateway Service
User Application Server 3.61 F running on SLES 10 Linux platform
Novell Access Manager 3.1 Support Pack 4 applied

Situation

The Access Manager environment is set up and working. Users can access protected web resources behind a Linux Access Gateway (LAG) after authenticating successfully to the Identity (IDP) server. User Application (UA) 3.61 rev F was installed for password management, and users were able to access the various UA services directly. To integrate the UserApp services with Novell Access Manager, a proxy service was created on the LAG. After doing so, some behavioural changes were noticed when users went through the LAG versus going directly to the UA server.

Specifically, User Application has a policy that asks newly created users a set of questions during their first login and checks the response values. This is done via a redirect to the ChallengPasswordChange.jsp page on the UA server. When a new user is created in eDirectory and logs in via NAM for the first time, the User Application correctly prompts the user with the questions and response field. After submitting the information, the user is not redirected to the standard UA view but simply sees the questions and responses just submitted. When bypassing the LAG, the User Application server redirects the user to the main portal page as expected.

Resolution

Make sure that the UserApp protected resource has an Identity Injection policy enabled that injects the Proxy Session Cookie into requests going to the back-end User App server. To do this, enable the policies as defined in Figures 10 and 11 of https://www.novell.com/coolsolutions/appnote/19981.html