Cannot turn off Access Gateway Service HTTP Customer Header Injection policy sending empty headers

  • 7010717
  • 31-Aug-2012
  • 31-Aug-2012


Novell Access Manager 3.1 Access Gateway Service
Novell Access Manager 3.1.4 Access Gateway Service


  • An Identity Injection policy has been defined on a "public" protected resource in order to inject a HTTP custom header e.G.: "X-USERID:".

  • If no value for the defined custom header could be retrieved while processing the injection policy (due to the fact a user which has not yet been logged in is accessing the resource) the Access Gateway Service will send an empty HTTP customer header X-USERID:

  • As a result the particular application server returns a HTTP 500 Internal Server Error


This issue has been addressed to engineering.
Please contact NTS in order to retrieve an engineering build in order to fix this issue if there is an urgent need